GrantOnPrincipalAndResourceOptions

class aws_cdk.aws_iam.GrantOnPrincipalAndResourceOptions(*, actions, grantee, resource_arns, resource, resource_policy_principal=None, resource_self_arns=None)

Bases: aws_cdk.aws_iam.CommonGrantOptions

(experimental) Options for a grant operation to both identity and resource.

Parameters

  • actions (Sequence[str]) – (experimental) The actions to grant.

  • grantee (IGrantable) – (experimental) The principal to grant to. Default: if principal is undefined, no work is done.

  • resource_arns (Sequence[str]) – (experimental) The resource ARNs to grant to.

  • resource (IResourceWithPolicy) – (experimental) The resource with a resource policy. The statement will always be added to the resource policy.

  • resource_policy_principal (Optional[IPrincipal]) – (experimental) The principal to use in the statement for the resource policy. Default: - the principal of the grantee will be used

  • resource_self_arns (Optional[Sequence[str]]) – (experimental) When referring to the resource in a resource policy, use this as ARN. (Depending on the resource type, this needs to be ‘*’ in a resource policy). Default: Same as regular resource ARNs

Stability

experimental

Attributes

actions

(experimental) The actions to grant.

Stability

experimental

Return type

List[str]

grantee

(experimental) The principal to grant to.

Default

if principal is undefined, no work is done.

Stability

experimental

Return type

IGrantable

resource

(experimental) The resource with a resource policy.

The statement will always be added to the resource policy.

Stability

experimental

Return type

IResourceWithPolicy

resource_arns

(experimental) The resource ARNs to grant to.

Stability

experimental

Return type

List[str]

resource_policy_principal

(experimental) The principal to use in the statement for the resource policy.

Default

  • the principal of the grantee will be used

Stability

experimental

Return type

Optional[IPrincipal]

resource_self_arns

(experimental) When referring to the resource in a resource policy, use this as ARN.

(Depending on the resource type, this needs to be ‘*’ in a resource policy).

Default

Same as regular resource ARNs

Stability

experimental

Return type

Optional[List[str]]