Class AwsCustomResourcePolicy
java.lang.Object
software.amazon.jsii.JsiiObject
software.amazon.awscdk.customresources.AwsCustomResourcePolicy
- All Implemented Interfaces:
software.amazon.jsii.JsiiSerializable
@Generated(value="jsii-pacmak/1.84.0 (build 5404dcf)",
date="2023-06-19T16:30:42.046Z")
@Stability(Stable)
public class AwsCustomResourcePolicy
extends software.amazon.jsii.JsiiObject
The IAM Policy that will be applied to the different calls.
Example:
AwsCustomResource awsCustom = AwsCustomResource.Builder.create(this, "aws-custom") .onCreate(AwsSdkCall.builder() .service("...") .action("...") .parameters(Map.of( "text", "...")) .physicalResourceId(PhysicalResourceId.of("...")) .build()) .onUpdate(AwsSdkCall.builder() .service("...") .action("...") .parameters(Map.of( "text", "...", "resourceId", new PhysicalResourceIdReference())) .build()) .policy(AwsCustomResourcePolicy.fromSdkCalls(SdkCallsPolicyOptions.builder() .resources(AwsCustomResourcePolicy.ANY_RESOURCE) .build())) .build();
-
Nested Class Summary
Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject
software.amazon.jsii.JsiiObject.InitializationMode
-
Field Summary
Modifier and TypeFieldDescriptionUse this constant to configure access to any resource. -
Constructor Summary
ModifierConstructorDescriptionprotected
AwsCustomResourcePolicy
(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) protected
AwsCustomResourcePolicy
(software.amazon.jsii.JsiiObjectRef objRef) -
Method Summary
Modifier and TypeMethodDescriptionstatic AwsCustomResourcePolicy
fromSdkCalls
(SdkCallsPolicyOptions options) Generate IAM Policy Statements from the configured SDK calls.static AwsCustomResourcePolicy
fromStatements
(List<? extends PolicyStatement> statements) Explicit IAM Policy Statements.resources for auto-generated from SDK calls.statements for explicit policy.Methods inherited from class software.amazon.jsii.JsiiObject
jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Field Details
-
ANY_RESOURCE
Use this constant to configure access to any resource.
-
-
Constructor Details
-
AwsCustomResourcePolicy
protected AwsCustomResourcePolicy(software.amazon.jsii.JsiiObjectRef objRef) -
AwsCustomResourcePolicy
protected AwsCustomResourcePolicy(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
-
-
Method Details
-
fromSdkCalls
@Stability(Stable) @NotNull public static AwsCustomResourcePolicy fromSdkCalls(@NotNull SdkCallsPolicyOptions options) Generate IAM Policy Statements from the configured SDK calls.Each SDK call with be translated to an IAM Policy Statement in the form of:
call.service:call.action
(e.gs3:PutObject
).This policy generator assumes the IAM policy name has the same name as the API call. This is true in 99% of cases, but there are exceptions (for example, S3's
PutBucketLifecycleConfiguration
requiress3:PutLifecycleConfiguration
permissions, Lambda'sInvoke
requireslambda:InvokeFunction
permissions). UsefromStatements
if you want to do a call that requires different IAM action names.- Parameters:
options
- options for the policy generation. This parameter is required.
-
fromStatements
@Stability(Stable) @NotNull public static AwsCustomResourcePolicy fromStatements(@NotNull List<? extends PolicyStatement> statements) Explicit IAM Policy Statements.- Parameters:
statements
- the statements to propagate to the SDK calls. This parameter is required.
-
getStatements
statements for explicit policy. -
getResources
resources for auto-generated from SDK calls.
-