GradientEdge CDK Utils
    Preparing search index...

    Class IamManager

    Provides operations on AWS Identity and Access Management (IAM).

    • A new instance of this class is injected into CommonConstruct constructor.
    • If a custom construct extends CommonConstruct, an instance is available within the context.
    import { CommonConstruct } from '@gradientedge/cdk-utils'

    class CustomConstruct extends CommonConstruct {
      constructor(parent: Construct, id: string, props: common.CommonStackProps) {
        super(parent, id, props)
        this.props = props
        this.iamManager.createRoleForEcsEvent('MyEcsRole', this, cluster, task)
      }
    }

    [CDK IAM Module]https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_iam-readme.html

    Index

    Constructors

    constructor

    Methods

    createPolicyForCloudfrontInvalidation createPolicyForSqsEvent createRoleForAppConfigSecrets createRoleForCloudfrontInvalidation createRoleForCloudTrail createRoleForDynamoDbToLambdaPipe createRoleForEcsEvent createRoleForEcsExecution createRoleForLambda createRoleForSqsToLambdaPipe createRoleForSqsToSfnPipe createRoleForStepFunction statementForAppConfigExecution statementForAssumeRole statementForCloudfrontInvalidation statementForCreateAnyLogStream statementForCreateLogStream statementForDecryptKms statementForDeleteAnyS3Objects statementFordynamoDbStream statementForEcsPassRole statementForGetAnyS3Objects statementForInvokeLambda statementForListAllMyBuckets statementForListBucket statementForPassRole statementForPollQueue statementForPutAnyLogEvent statementForPutAnyS3Objects statementForPutEvents statementForPutLogEvent statementForPutXrayTelemetry statementForReadAnyAppConfig statementForReadSecrets statementForReadTableItems statementForRunEcsTask statementForStartExecution statementForWriteEfs statementForWriteTableItems

    Constructors

    Methods

    • Parameters

      • id: string

        scoped id of the resource

      • scope: CommonConstruct

        scope in which this resource is defined

      • sqsQueue: Queue

        the SQS queue to grant access to

      • eventBridgeRule: IRule

        the EventBridge rule that sends events to the queue

      • OptionalservicePrincipals: ServicePrincipal[]

        optional list of service principals, defaults to events.amazonaws.com

      Returns PolicyDocument

    • Parameters

      • id: string

        scoped id of the resource

      • scope: CommonConstruct

        scope in which this resource is defined

      • dynamoDbStreamArn: string

        the ARN of the DynamoDB stream (source)

      • lambdaFunctionArn: string

        the ARN of the Lambda function (target)

      Returns Role

    • Parameters

      • scope: CommonConstruct

        scope in which this resource is defined

      • bucket: IBucket

        the S3 bucket to grant delete access to

      • OptionalresourceArns: string[]

        optional list of ARNs to allow access to, defaults to all objects in the bucket

      Returns PolicyStatement

    Settings

    Member Visibility

    On This Page

    Constructors
    Methods
    createPolicyForCloudfrontInvalidationcreatePolicyForSqsEventcreateRoleForAppConfigSecretscreateRoleForCloudfrontInvalidationcreateRoleForCloudTrailcreateRoleForDynamoDbToLambdaPipecreateRoleForEcsEventcreateRoleForEcsExecutioncreateRoleForLambdacreateRoleForSqsToLambdaPipecreateRoleForSqsToSfnPipecreateRoleForStepFunctionstatementForAppConfigExecutionstatementForAssumeRolestatementForCloudfrontInvalidationstatementForCreateAnyLogStreamstatementForCreateLogStreamstatementForDecryptKmsstatementForDeleteAnyS3ObjectsstatementFordynamoDbStreamstatementForEcsPassRolestatementForGetAnyS3ObjectsstatementForInvokeLambdastatementForListAllMyBucketsstatementForListBucketstatementForPassRolestatementForPollQueuestatementForPutAnyLogEventstatementForPutAnyS3ObjectsstatementForPutEventsstatementForPutLogEventstatementForPutXrayTelemetrystatementForReadAnyAppConfigstatementForReadSecretsstatementForReadTableItemsstatementForRunEcsTaskstatementForStartExecutionstatementForWriteEfsstatementForWriteTableItems