Skip to content

Commit

Permalink
expose underlying principal from PrincipalWithConditions
Browse files Browse the repository at this point in the history
  • Loading branch information
@BenChaimberg
BenChaimberg committed May 13, 2021
1 parent 6903036 commit 84045fd
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 2 deletions.
5 changes: 4 additions & 1 deletion packages/@aws-cdk/aws-iam/lib/principals.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -154,8 +154,11 @@ export class PrincipalWithConditions implements IPrincipal {
public readonly assumeRoleAction: string = this.principal.assumeRoleAction;
private additionalConditions: Conditions;

/**
* @param principal The underlying principal to which conditions will be attached.
*/
constructor(
private readonly principal: IPrincipal,
public readonly principal: IPrincipal,
conditions: Conditions,
) {
this.additionalConditions = conditions;
Expand Down
2 changes: 1 addition & 1 deletion packages/@aws-cdk/aws-lambda/lib/function-base.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -424,7 +424,7 @@ export abstract class FunctionBase extends Resource implements IFunction, ec2.IC
if (conditionOperatorsAreSupported && conditionKeysAreSupported) {
sourceAccount = conditions.ArnEquals['aws:SourceAccount'];
sourceArn = conditions.ArnEquals['aws:SourceArn'];
principal = principal.principal;
principal = (principal as iam.PrincipalWithConditions).principal;
} else {
throw new Error(`PrincipalWithConditions had unsupported conditions for Lambda permission statement: ${conditions}. ` +
'Supported operators: [ArnEquals]; supported conditions: [aws:SourceArn, aws:SourceAccount]');
Expand Down

0 comments on commit 84045fd

Please sign in to comment.