Require that a principal is present in the IAM policy statement. Always matches if the statement specifies the
star ('*') principal. Otherwise, checks that any of the provided principals is present as defined, including
possible wildcards. This allows validating multiple formats of the principal, for example:
arn:aws:iam::123456789012:root ## For example, when the principal is explicitly defined as a string
arn:${AWS::Partition}:iam::123456789012:root ## For example, when CDK AccountPrincipal() is used
Both examples above define the same principal, but in different formats that may be rendered to a comparable
string only during CloudFormation deployment. To check for the existence of multiple principals, call this function
separately for each one.
The 'principals' parameter is rendered in the same manner, so it is possible to pass a principal as an object
produced by the CDK Stack.resolve() function.
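
The matching rules described above, as an added sketch that is not this library's own code. The names renderPrincipal, wildcardToRegExp, statementPrincipals and hasPrincipal are hypothetical, and it assumes that a resolved CDK principal is an Fn::Join over Ref tokens and that '*' inside a provided principal acts as a wildcard.

```javascript
// Added illustration, not the library's code; all function names are hypothetical.

// Render a resolved CloudFormation value to a comparable string:
// {Ref: X} becomes "${X}", {"Fn::Join": [sep, parts]} becomes the joined parts.
function renderPrincipal(value) {
  if (typeof value === "string") return value;
  if (value && typeof value === "object") {
    if ("Ref" in value) return "${" + value.Ref + "}";
    if ("Fn::Join" in value) {
      const [sep, parts] = value["Fn::Join"];
      return parts.map(renderPrincipal).join(sep);
    }
  }
  throw new Error("unsupported principal form: " + JSON.stringify(value));
}

// Anchored RegExp in which '*' is the only wildcard; all else is literal.
function wildcardToRegExp(pattern) {
  const literal = (s) => s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
  return new RegExp("^" + pattern.split("*").map(literal).join(".*") + "$");
}

// Flatten the statement's Principal element into rendered strings.
function statementPrincipals(statement) {
  const p = statement.Principal;
  if (p === undefined) return [];
  if (typeof p === "string") return [p];
  return Object.values(p).flatMap((v) => (Array.isArray(v) ? v : [v])).map(renderPrincipal);
}

// True if the statement names '*' or any one of the wanted principals.
function hasPrincipal(statement, ...principals) {
  const present = statementPrincipals(statement);
  if (present.includes("*")) return true;
  return principals.map(renderPrincipal).some((want) => {
    const re = wildcardToRegExp(want);
    return present.some((have) => re.test(have));
  });
}

// Constructed sample statements: the two formats from the text, plus '*'.
const cdkToken = { "Fn::Join": ["", ["arn:", { Ref: "AWS::Partition" }, ":iam::123456789012:root"]] };
const explicit = { Effect: "Allow", Principal: { AWS: "arn:aws:iam::123456789012:root" } };
const cdkStyle = { Effect: "Allow", Principal: { AWS: cdkToken } };
const anyone = { Effect: "Allow", Principal: "*" };

console.log(hasPrincipal(explicit, "arn:aws:iam::123456789012:root"));
console.log(hasPrincipal(cdkStyle, "arn:aws:iam::123456789012:root"));
console.log(hasPrincipal(cdkStyle, "arn:*:iam::123456789012:root"));
```

Because a statement with the '*' principal matches whatever is passed, a passing check on its own does not show that the statement is limited to the named principal.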