aws-cdk-lib.aws_lambda.LayerVersionPermission

interface LayerVersionPermission

LanguageType name
.NETAmazon.CDK.AWS.Lambda.LayerVersionPermission
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awslambda#LayerVersionPermission
Javasoftware.amazon.awscdk.services.lambda.LayerVersionPermission
Pythonaws_cdk.aws_lambda.LayerVersionPermission
TypeScript (source)aws-cdk-lib » aws_lambda » LayerVersionPermission

Identification of an account (or organization) that is allowed to access a Lambda Layer Version.

Example

const layer = new lambda.LayerVersion(stack, 'MyLayer', {
  code: lambda.Code.fromAsset(path.join(__dirname, 'layer-code')),
  compatibleRuntimes: [lambda.Runtime.NODEJS_14_X],
  license: 'Apache-2.0',
  description: 'A layer to test the L2 construct',
});

// To grant usage by other AWS accounts
layer.addPermission('remote-account-grant', { accountId: awsAccountId });

// To grant usage to all accounts in some AWS Ogranization
// layer.grantUsage({ accountId: '*', organizationId });

new lambda.Function(stack, 'MyLayeredLambda', {
  code: new lambda.InlineCode('foo'),
  handler: 'index.handler',
  runtime: lambda.Runtime.NODEJS_14_X,
  layers: [layer],
});

Properties

NameTypeDescription
accountIdstringThe AWS Account id of the account that is authorized to use a Lambda Layer Version.
organizationId?stringThe ID of the AWS Organization to which the grant is restricted.

accountId

Type: string

The AWS Account id of the account that is authorized to use a Lambda Layer Version.

The wild-card '*' can be used to grant access to "any" account (or any account in an organization when organizationId is specified).


organizationId?

Type: string (optional)

The ID of the AWS Organization to which the grant is restricted.

Can only be specified if accountId is '*'