Class ServicePrincipal
An IAM principal that represents an AWS service (i.e. sqs.amazonaws.com
).
Inherited Members
Namespace: Amazon.CDK.AWS.IAM
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class ServicePrincipal : PrincipalBase, IAssumeRolePrincipal, IComparablePrincipal, IPrincipal, IGrantable
Syntax (vb)
Public Class ServicePrincipal
Inherits PrincipalBase
Implements IAssumeRolePrincipal, IComparablePrincipal, IPrincipal, IGrantable
Remarks
ExampleMetadata: infused
Examples
var lambdaRole = new Role(this, "Role", new RoleProps {
AssumedBy = new ServicePrincipal("lambda.amazonaws.com"),
Description = "Example role..."
});
var stream = new Stream(this, "MyEncryptedStream", new StreamProps {
Encryption = StreamEncryption.KMS
});
// give lambda permissions to read stream
stream.GrantRead(lambdaRole);
Synopsis
Constructors
ServicePrincipal(ByRefValue) | Used by jsii to construct an instance of this class from a Javascript-owned object reference |
ServicePrincipal(DeputyBase.DeputyProps) | Used by jsii to construct an instance of this class from DeputyProps |
ServicePrincipal(String, IServicePrincipalOpts) | Reference an AWS service, optionally in a given region. |
Properties
PolicyFragment | Return the policy fragment that identifies this principal in a Policy. |
Service | AWS service (i.e. sqs.amazonaws.com). |
Methods
DedupeString() | Return whether or not this principal is equal to the given principal. |
ServicePrincipalName(String) | Return the service principal name based on the region it's used in. |
ToString() | Returns a string representation of an object. |
Constructors
ServicePrincipal(ByRefValue)
Used by jsii to construct an instance of this class from a Javascript-owned object reference
protected ServicePrincipal(ByRefValue reference)
Parameters
- reference Amazon.JSII.Runtime.Deputy.ByRefValue
The Javascript-owned object reference
ServicePrincipal(DeputyBase.DeputyProps)
Used by jsii to construct an instance of this class from DeputyProps
protected ServicePrincipal(DeputyBase.DeputyProps props)
Parameters
- props Amazon.JSII.Runtime.Deputy.DeputyBase.DeputyProps
The deputy props
ServicePrincipal(String, IServicePrincipalOpts)
Reference an AWS service, optionally in a given region.
public ServicePrincipal(string service, IServicePrincipalOpts opts = null)
Parameters
- service System.String
AWS service (i.e. sqs.amazonaws.com).
- opts IServicePrincipalOpts
AWS service (i.e. sqs.amazonaws.com).
Properties
PolicyFragment
Return the policy fragment that identifies this principal in a Policy.
public override PrincipalPolicyFragment PolicyFragment { get; }
Property Value
Overrides
Service
AWS service (i.e. sqs.amazonaws.com).
public virtual string Service { get; }
Property Value
System.String
Methods
DedupeString()
Return whether or not this principal is equal to the given principal.
public override string DedupeString()
Returns
System.String
Overrides
ServicePrincipalName(String)
Return the service principal name based on the region it's used in.
public static string ServicePrincipalName(string service)
Parameters
- service System.String
Returns
System.String
Remarks
Some service principal names used to be different for different partitions,
and some were not. This method would return the appropriate region-specific
service principal name, getting that information from the region-info
module.
These days all service principal names are standardized, and they are all
of the form <servicename>.amazonaws.com
.
If the feature flag @aws-cdk/aws-iam:standardizedServicePrincipals
is set, this
method will always return its input. If this feature flag is not set, this
method will perform the legacy behavior, which appends the region-specific
domain suffix for some select services (for example, it would append .cn
to some service principal names).
Examples
var principalName = ServicePrincipal.ServicePrincipalName("ec2.amazonaws.com");
ToString()
Returns a string representation of an object.
public override string ToString()
Returns
System.String