interface IComparablePrincipal

Language	Type name
.NET	Amazon.CDK.AWS.IAM.IComparablePrincipal
Java	software.amazon.awscdk.services.iam.IComparablePrincipal
Python	aws_cdk.aws_iam.IComparablePrincipal
TypeScript (source)	@aws-cdk/aws-iam » IComparablePrincipal

Implemented by AccountPrincipal, AccountRootPrincipal, AnyPrincipal, Anyone, ArnPrincipal, CanonicalUserPrincipal, CompositePrincipal, FederatedPrincipal, OpenIdConnectPrincipal, OrganizationPrincipal, PrincipalWithConditions, SamlConsolePrincipal, SamlPrincipal, ServicePrincipal, SessionTagsPrincipal, StarPrincipal, WebIdentityPrincipal, ViaServicePrincipal

Interface for principals that can be compared.

This only needs to be implemented for principals that could potentially be value-equal. Identity-equal principals will be handled correctly by default.

Properties

Name	Type	Description
assumeRoleAction	string	When this Principal is used in an AssumeRole policy, the action to use.
grantPrincipal	IPrincipal	The principal to grant permissions to.
policyFragment	PrincipalPolicyFragment	Return the policy fragment that identifies this principal in a Policy.
principalAccount?	string	The AWS account ID of this principal.

---

assumeRoleAction

Type: string

When this Principal is used in an AssumeRole policy, the action to use.

---

grantPrincipal

Type: IPrincipal

The principal to grant permissions to.

---

policyFragment

Type: PrincipalPolicyFragment

Return the policy fragment that identifies this principal in a Policy.

---

principalAccount?

Type: string (optional)

The AWS account ID of this principal.

Can be undefined when the account is not known (for example, for service principals). Can be a Token - in that case, it's assumed to be AWS::AccountId.

Methods

Name	Description
addToPolicy(statement)⚠️	Add to the policy of this principal.
addToPrincipalPolicy(statement)	Add to the policy of this principal.
dedupeString()	Return a string format of this principal which should be identical if the two principals are the same.

---

addToPolicy(statement)⚠️

public addToPolicy(statement: PolicyStatement): boolean

⚠️ Deprecated: Use addToPrincipalPolicy instead.

Parameters

• statement PolicyStatement

Returns

• boolean

Add to the policy of this principal.

---

addToPrincipalPolicy(statement)

public addToPrincipalPolicy(statement: PolicyStatement): AddToPrincipalPolicyResult

Parameters

• statement PolicyStatement

Returns

• AddToPrincipalPolicyResult

Add to the policy of this principal.

---

dedupeString()

public dedupeString(): string

Returns

• string

Return a string format of this principal which should be identical if the two principals are the same.