UNPKG

@aws-cdk/aws-iam

Version:

CDK routines for easily assigning correct and minimal IAM permissions

github.com/aws/aws-cdk

aws/aws-cdk

33 lines (32 loc) 1.26 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
import { IConstruct } from 'constructs'; import { PolicyStatement } from './policy-statement'; import { AddToPrincipalPolicyResult, IPrincipal, PrincipalPolicyFragment } from './principals'; /** * Properties for an UnknownPrincipal */ export interface UnknownPrincipalProps { /** * The resource the role proxy is for */ readonly resource: IConstruct; } /** * A principal for use in resources that need to have a role but it's unknown * * Some resources have roles associated with them which they assume, such as * Lambda Functions, CodeBuild projects, StepFunctions machines, etc. * * When those resources are imported, their actual roles are not always * imported with them. When that happens, we use an instance of this class * instead, which will add user warnings when statements are attempted to be * added to it. */ export declare class UnknownPrincipal implements IPrincipal { readonly assumeRoleAction: string; readonly grantPrincipal: IPrincipal; private readonly resource; constructor(props: UnknownPrincipalProps); get policyFragment(): PrincipalPolicyFragment; addToPrincipalPolicy(statement: PolicyStatement): AddToPrincipalPolicyResult; addToPolicy(statement: PolicyStatement): boolean; }