1 Answer
- Newest
- Most votes
- Most comments
0
Yes, the AWS CDK allows you to add multiple service principals to an IAM Role. However, instead of using the grantAssumeRole
method, you should use a CompositePrincipal
. This allows you to combine multiple principals together.
Here's how you can do it:
import * as iam from '@aws-cdk/aws-iam';
import * as cdk from '@aws-cdk/core';
// ... inside your Stack
const role = new iam.Role(this, 'MyRole', {
assumedBy: new iam.CompositePrincipal(
new iam.ServicePrincipal('lambda.amazonaws.com'),
new iam.ServicePrincipal('edgelambda.amazonaws.com')
)
});
This code will create an IAM Role that can be assumed by both lambda.amazonaws.com
and edgelambda.amazonaws.com
.
The CompositePrincipal
class allows you to combine multiple principal entities, making it a powerful tool when creating more complex IAM Policies.
answered 9 months ago
Relevant content
- asked a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 9 months ago
- AWS OFFICIALUpdated 2 years ago