aws-cdk-lib.aws_iam.Effect

enum Effect

LanguageType name
.NETAmazon.CDK.AWS.IAM.Effect
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsiam#Effect
Javasoftware.amazon.awscdk.services.iam.Effect
Pythonaws_cdk.aws_iam.Effect
TypeScript (source)aws-cdk-lib » aws_iam » Effect

The Effect element of an IAM policy.

See also: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_effect.html

Example

declare const books: apigateway.Resource;
declare const iamUser: iam.User;

const getBooks = books.addMethod('GET', new apigateway.HttpIntegration('http://amazon.com'), {
  authorizationType: apigateway.AuthorizationType.IAM
});

iamUser.attachInlinePolicy(new iam.Policy(this, 'AllowBooks', {
  statements: [
    new iam.PolicyStatement({
      actions: [ 'execute-api:Invoke' ],
      effect: iam.Effect.ALLOW,
      resources: [ getBooks.methodArn ]
    })
  ]
}))

Members

NameDescription
ALLOWAllows access to a resource in an IAM policy statement.
DENYExplicitly deny access to a resource.

ALLOW

Allows access to a resource in an IAM policy statement.

By default, access to resources are denied.


DENY

Explicitly deny access to a resource.

By default, all requests are denied implicitly.

See also: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html