Class CfnPermission
Grants permissions to the AWS Certificate Manager ( ACM ) service principal ( acm.amazonaws.com
) to perform IssueCertificate , GetCertificate , and ListPermissions actions on a CA. These actions are needed for the ACM principal to renew private PKI certificates requested through ACM and residing in the same AWS account as the CA.
Implements
Inherited Members
Namespace: Amazon.CDK.AWS.ACMPCA
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class CfnPermission : CfnResource, IInspectable
Syntax (vb)
Public Class CfnPermission
Inherits CfnResource
Implements IInspectable
Remarks
About permissions - If the private CA and the certificates it issues reside in the same account, you can use AWS::ACMPCA::Permission
to grant permissions for ACM to carry out automatic certificate renewals.
To update an <code>AWS::ACMPCA::Permission</code> resource, you must first delete the existing permission resource from the CloudFormation stack and then create a new permission resource with updated properties.
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-acmpca-permission.html
CloudformationResource: AWS::ACMPCA::Permission
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.ACMPCA;
var cfnPermission = new CfnPermission(this, "MyCfnPermission", new CfnPermissionProps {
Actions = new [] { "actions" },
CertificateAuthorityArn = "certificateAuthorityArn",
Principal = "principal",
// the properties below are optional
SourceAccount = "sourceAccount"
});
Synopsis
Constructors
CfnPermission(ByRefValue) | Used by jsii to construct an instance of this class from a Javascript-owned object reference |
CfnPermission(DeputyBase.DeputyProps) | Used by jsii to construct an instance of this class from DeputyProps |
CfnPermission(Construct, String, ICfnPermissionProps) |
Properties
Actions | The private CA actions that can be performed by the designated AWS service. |
CertificateAuthorityArn | The Amazon Resource Number (ARN) of the private CA from which the permission was issued. |
CFN_RESOURCE_TYPE_NAME | The CloudFormation resource type name for this resource class. |
CfnProperties | |
Principal | The AWS service or entity that holds the permission. |
SourceAccount | The ID of the account that assigned the permission. |
Methods
Inspect(TreeInspector) | Examines the CloudFormation resource and discloses attributes. |
RenderProperties(IDictionary<String, Object>) |
Constructors
CfnPermission(ByRefValue)
Used by jsii to construct an instance of this class from a Javascript-owned object reference
protected CfnPermission(ByRefValue reference)
Parameters
- reference Amazon.JSII.Runtime.Deputy.ByRefValue
The Javascript-owned object reference
CfnPermission(DeputyBase.DeputyProps)
Used by jsii to construct an instance of this class from DeputyProps
protected CfnPermission(DeputyBase.DeputyProps props)
Parameters
- props Amazon.JSII.Runtime.Deputy.DeputyBase.DeputyProps
The deputy props
CfnPermission(Construct, String, ICfnPermissionProps)
public CfnPermission(Construct scope, string id, ICfnPermissionProps props)
Parameters
- scope Constructs.Construct
Scope in which this resource is defined.
- id System.String
Construct identifier for this resource (unique in its scope).
- props ICfnPermissionProps
Resource properties.
Properties
Actions
The private CA actions that can be performed by the designated AWS service.
public virtual string[] Actions { get; set; }
Property Value
System.String[]
CertificateAuthorityArn
The Amazon Resource Number (ARN) of the private CA from which the permission was issued.
public virtual string CertificateAuthorityArn { get; set; }
Property Value
System.String
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
public static string CFN_RESOURCE_TYPE_NAME { get; }
Property Value
System.String
CfnProperties
protected override IDictionary<string, object> CfnProperties { get; }
Property Value
System.Collections.Generic.IDictionary<System.String, System.Object>
Overrides
Principal
The AWS service or entity that holds the permission.
public virtual string Principal { get; set; }
Property Value
System.String
SourceAccount
The ID of the account that assigned the permission.
public virtual string SourceAccount { get; set; }
Property Value
System.String
Methods
Inspect(TreeInspector)
Examines the CloudFormation resource and discloses attributes.
public virtual void Inspect(TreeInspector inspector)
Parameters
- inspector TreeInspector
tree inspector to collect and process attributes.
RenderProperties(IDictionary<String, Object>)
protected override IDictionary<string, object> RenderProperties(IDictionary<string, object> props)
Parameters
- props System.Collections.Generic.IDictionary<System.String, System.Object>
Returns
System.Collections.Generic.IDictionary<System.String, System.Object>