Class: AWSCDK::Lambda::CfnPermissionProps

Inherits:
Jsii::Struct
  • Object
show all
Defined in:
lambda/cfn_permission_props.rb

Overview

Properties for defining a CfnPermission.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(action:, function_name:, principal:, event_source_token: nil, function_url_auth_type: nil, invoked_via_function_url: nil, principal_org_id: nil, source_account: nil, source_arn: nil) ⇒ CfnPermissionProps

Returns a new instance of CfnPermissionProps.

Parameters:



18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
# File 'lambda/cfn_permission_props.rb', line 18

def initialize(action:, function_name:, principal:, event_source_token: nil, function_url_auth_type: nil, invoked_via_function_url: nil, principal_org_id: nil, source_account: nil, source_arn: nil)
  @action = action
  Jsii::Type.check_type(@action, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "action")
  @function_name = function_name
  Jsii::Type.check_type(@function_name, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3sicHJpbWl0aXZlIjoic3RyaW5nIn0seyJmcW4iOiJhd3MtY2RrLWxpYi5pbnRlcmZhY2VzLmF3c19sYW1iZGEuSUZ1bmN0aW9uUmVmIn0seyJmcW4iOiJhd3MtY2RrLWxpYi5pbnRlcmZhY2VzLmF3c19sYW1iZGEuSVZlcnNpb25SZWYifV19fQ==")), "functionName")
  @principal = principal
  Jsii::Type.check_type(@principal, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3sicHJpbWl0aXZlIjoic3RyaW5nIn0seyJmcW4iOiJhd3MtY2RrLWxpYi5pbnRlcmZhY2VzLmF3c19pYW0uSVJvbGVSZWYifSx7ImZxbiI6ImF3cy1jZGstbGliLmludGVyZmFjZXMuYXdzX2lhbS5JVXNlclJlZiJ9XX19")), "principal")
  @event_source_token = event_source_token
  Jsii::Type.check_type(@event_source_token, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "eventSourceToken") unless @event_source_token.nil?
  @function_url_auth_type = function_url_auth_type
  Jsii::Type.check_type(@function_url_auth_type, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "functionUrlAuthType") unless @function_url_auth_type.nil?
  @invoked_via_function_url = invoked_via_function_url
  Jsii::Type.check_type(@invoked_via_function_url, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3sicHJpbWl0aXZlIjoiYm9vbGVhbiJ9LHsiZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifV19fQ==")), "invokedViaFunctionUrl") unless @invoked_via_function_url.nil?
  @principal_org_id = principal_org_id
  Jsii::Type.check_type(@principal_org_id, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "principalOrgId") unless @principal_org_id.nil?
  @source_account = 
  Jsii::Type.check_type(@source_account, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "sourceAccount") unless @source_account.nil?
  @source_arn = source_arn
  Jsii::Type.check_type(@source_arn, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3sicHJpbWl0aXZlIjoic3RyaW5nIn0seyJmcW4iOiJhd3MtY2RrLWxpYi5pbnRlcmZhY2VzLmF3c19pYW0uSVJvbGVSZWYifSx7ImZxbiI6ImF3cy1jZGstbGliLmludGVyZmFjZXMuYXdzX2NvZ25pdG8uSVVzZXJQb29sUmVmIn0seyJmcW4iOiJhd3MtY2RrLWxpYi5pbnRlcmZhY2VzLmF3c19ldmVudHMuSVJ1bGVSZWYifSx7ImZxbiI6ImF3cy1jZGstbGliLmludGVyZmFjZXMuYXdzX2lvdC5JVG9waWNSdWxlUmVmIn0seyJmcW4iOiJhd3MtY2RrLWxpYi5pbnRlcmZhY2VzLmF3c19raW5lc2lzZmlyZWhvc2UuSURlbGl2ZXJ5U3RyZWFtUmVmIn0seyJmcW4iOiJhd3MtY2RrLWxpYi5pbnRlcmZhY2VzLmF3c19sYW1iZGEuSUZ1bmN0aW9uUmVmIn0seyJmcW4iOiJhd3MtY2RrLWxpYi5pbnRlcmZhY2VzLmF3c19sb2dzLklMb2dHcm91cFJlZiJ9LHsiZnFuIjoiYXdzLWNkay1saWIuaW50ZXJmYWNlcy5hd3NfczMuSUJ1Y2tldFJlZiJ9LHsiZnFuIjoiYXdzLWNkay1saWIuaW50ZXJmYWNlcy5hd3Nfc25zLklUb3BpY1JlZiJ9LHsiZnFuIjoiYXdzLWNkay1saWIuaW50ZXJmYWNlcy5hd3Nfc3FzLklRdWV1ZVJlZiJ9XX19")), "sourceArn") unless @source_arn.nil?
end

Instance Attribute Details

#actionString (readonly)

The action that the principal can use on the function.

For example, lambda:InvokeFunction or lambda:GetFunction .



45
46
47
# File 'lambda/cfn_permission_props.rb', line 45

def action
  @action
end

#event_source_tokenString? (readonly)

For Alexa Smart Home functions, a token that the invoker must supply.



69
70
71
# File 'lambda/cfn_permission_props.rb', line 69

def event_source_token
  @event_source_token
end

#function_nameString, ... (readonly)

The name or ARN of the Lambda function, version, or alias.

Name formats - Function namemy-function (name-only), my-function:v1 (with alias).

  • Function ARNarn:aws:lambda:us-west-2:123456789012:function:my-function .
  • Partial ARN123456789012:function:my-function .

You can append a version number or alias to any of the formats. The length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.



57
58
59
# File 'lambda/cfn_permission_props.rb', line 57

def function_name
  @function_name
end

#function_url_auth_typeString? (readonly)

The type of authentication that your function URL uses.

Set to AWS_IAM if you want to restrict access to authenticated users only. Set to NONE if you want to bypass IAM authentication to create a public endpoint. For more information, see Control access to Lambda function URLs .



76
77
78
# File 'lambda/cfn_permission_props.rb', line 76

def function_url_auth_type
  @function_url_auth_type
end

#invoked_via_function_urlBoolean, ... (readonly)

Indicates whether the permission applies when the function is invoked through a function URL.



81
82
83
# File 'lambda/cfn_permission_props.rb', line 81

def invoked_via_function_url
  @invoked_via_function_url
end

#principalString, ... (readonly)

The AWS service , AWS account , IAM user, or IAM role that invokes the function.

If you specify a service, use SourceArn or SourceAccount to limit who can invoke the function through that service.



64
65
66
# File 'lambda/cfn_permission_props.rb', line 64

def principal
  @principal
end

#principal_org_idString? (readonly)

The identifier for your organization in AWS Organizations .

Use this to grant permissions to all the AWS accounts under this organization.



88
89
90
# File 'lambda/cfn_permission_props.rb', line 88

def principal_org_id
  @principal_org_id
end

#source_accountString? (readonly)

For AWS service , the ID of the AWS account that owns the resource.

Use this together with SourceArn to ensure that the specified account owns the resource. It is possible for an Amazon S3 bucket to be deleted by its owner and recreated by another account.



95
96
97
# File 'lambda/cfn_permission_props.rb', line 95

def 
  @source_account
end

#source_arnString, ... (readonly)

For AWS services , the ARN of the AWS resource that invokes the function.

For example, an Amazon S3 bucket or Amazon SNS topic.

Note that Lambda configures the comparison using the StringLike operator.



104
105
106
# File 'lambda/cfn_permission_props.rb', line 104

def source_arn
  @source_arn
end

Class Method Details

.jsii_propertiesObject



106
107
108
109
110
111
112
113
114
115
116
117
118
# File 'lambda/cfn_permission_props.rb', line 106

def self.jsii_properties
  {
    :action => "action",
    :function_name => "functionName",
    :principal => "principal",
    :event_source_token => "eventSourceToken",
    :function_url_auth_type => "functionUrlAuthType",
    :invoked_via_function_url => "invokedViaFunctionUrl",
    :principal_org_id => "principalOrgId",
    :source_account => "sourceAccount",
    :source_arn => "sourceArn",
  }
end

Instance Method Details

#to_jsiiObject



120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
# File 'lambda/cfn_permission_props.rb', line 120

def to_jsii
  result = {}
  result.merge!({
    "action" => @action,
    "functionName" => @function_name,
    "principal" => @principal,
    "eventSourceToken" => @event_source_token,
    "functionUrlAuthType" => @function_url_auth_type,
    "invokedViaFunctionUrl" => @invoked_via_function_url,
    "principalOrgId" => @principal_org_id,
    "sourceAccount" => @source_account,
    "sourceArn" => @source_arn,
  })
  result.compact
end