aws-cdk-lib.aws_iam.GrantWithResourceOptions

interface GrantWithResourceOptions

LanguageType name
.NETAmazon.CDK.AWS.IAM.GrantWithResourceOptions
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsiam#GrantWithResourceOptions
Javasoftware.amazon.awscdk.services.iam.GrantWithResourceOptions
Pythonaws_cdk.aws_iam.GrantWithResourceOptions
TypeScript (source)aws-cdk-lib » aws_iam » GrantWithResourceOptions

Options for a grant operation.

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_iam as iam } from 'aws-cdk-lib';

declare const conditions: any;
declare const grantable: iam.IGrantable;
declare const resourceWithPolicy: iam.IResourceWithPolicy;
const grantWithResourceOptions: iam.GrantWithResourceOptions = {
  actions: ['actions'],
  grantee: grantable,
  resource: resourceWithPolicy,
  resourceArns: ['resourceArns'],

  // the properties below are optional
  conditions: {
    conditionsKey: {
      conditionsKey: conditions,
    },
  },
  resourceSelfArns: ['resourceSelfArns'],
};

Properties

NameTypeDescription
actionsstring[]The actions to grant.
granteeIGrantableThe principal to grant to.
resourceIResourceWithPolicyThe resource with a resource policy.
resourceArnsstring[]The resource ARNs to grant to.
conditions?{ [string]: { [string]: any } }Any conditions to attach to the grant.
resourceSelfArns?string[]When referring to the resource in a resource policy, use this as ARN.

actions

Type: string[]

The actions to grant.


grantee

Type: IGrantable

The principal to grant to.


resource

Type: IResourceWithPolicy

The resource with a resource policy.

The statement will be added to the resource policy if it couldn't be added to the principal policy.


resourceArns

Type: string[]

The resource ARNs to grant to.


conditions?

Type: { [string]: { [string]: any } } (optional, default: No conditions)

Any conditions to attach to the grant.


resourceSelfArns?

Type: string[] (optional, default: Same as regular resource ARNs)

When referring to the resource in a resource policy, use this as ARN.

(Depending on the resource type, this needs to be '*' in a resource policy).