Package com.amazonaws.auth.policy
Class Principal
- java.lang.Object
-
- com.amazonaws.auth.policy.Principal
-
public class Principal extends Object
A principal is an AWS account or AWS web serivce, which is being allowed or denied access to a resource through an access control policy. The principal is a property of theStatement
object, not directly thePolicy
object.The principal is A in the statement "A has permission to do B to C where D applies."
In an access control policy statement, you can set the principal to all authenticated AWS users through the
AllUsers
member. This is useful when you don't want to restrict access based on the identity of the requester, but instead on other identifying characteristics such as the requester's IP address.
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
Principal.Services
The services who have the right to do the assume the role action.static class
Principal.WebIdentityProviders
Web identity providers, such as Login with Amazon, Facebook, or Google.
-
Field Summary
Fields Modifier and Type Field Description static Principal
All
Principal instance that includes all the AWS accounts, AWS web services and web identity providers.static Principal
AllServices
Principal instance that includes all AWS web services.static Principal
AllUsers
Principal instance that includes all users, including anonymous users.static Principal
AllWebProviders
Principal instance that includes all the web identity providers.
-
Constructor Summary
Constructors Constructor Description Principal(Principal.Services service)
Constructs a new principal with the specified AWS web service which is being allowed or denied access to a resource through an access control policy.Principal(Principal.WebIdentityProviders webIdentityProvider)
Constructs a new principal with the specified web identity provider.Principal(String accountId)
Constructs a new principal with the specified AWS account ID.Principal(String provider, String id)
Constructs a new principal with the specified id and provider.Principal(String provider, String id, boolean stripHyphen)
Constructs a new principal with the specified id and provider.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
equals(Object principal)
String
getId()
Returns the unique ID for this principal.String
getProvider()
Returns the provider for this principal, which indicates in what group of users this principal resides.int
hashCode()
-
-
-
Field Detail
-
AllUsers
public static final Principal AllUsers
Principal instance that includes all users, including anonymous users.This is useful when you don't want to restrict access based on the identity of the requester, but instead on other identifying characteristics such as the requester's IP address.
-
AllServices
public static final Principal AllServices
Principal instance that includes all AWS web services.
-
AllWebProviders
public static final Principal AllWebProviders
Principal instance that includes all the web identity providers.
-
All
public static final Principal All
Principal instance that includes all the AWS accounts, AWS web services and web identity providers.
-
-
Constructor Detail
-
Principal
public Principal(Principal.Services service)
Constructs a new principal with the specified AWS web service which is being allowed or denied access to a resource through an access control policy.- Parameters:
service
- An AWS service.
-
Principal
public Principal(String accountId)
Constructs a new principal with the specified AWS account ID. This method automatically strips hyphen characters found in the account Id.- Parameters:
accountId
- An AWS account ID.
-
Principal
public Principal(String provider, String id)
Constructs a new principal with the specified id and provider. This method automatically strips hyphen characters found in the account ID if the provider is "AWS".
-
Principal
public Principal(String provider, String id, boolean stripHyphen)
Constructs a new principal with the specified id and provider. This method optionally strips hyphen characters found in the account Id.
-
Principal
public Principal(Principal.WebIdentityProviders webIdentityProvider)
Constructs a new principal with the specified web identity provider.- Parameters:
webIdentityProvider
- An web identity provider.
-
-
Method Detail
-
getProvider
public String getProvider()
Returns the provider for this principal, which indicates in what group of users this principal resides.- Returns:
- The provider for this principal.
-
getId
public String getId()
Returns the unique ID for this principal.- Returns:
- The unique ID for this principal.
-
-