SdkCallsPolicyOptions

class aws_cdk.custom_resources.SdkCallsPolicyOptions(*, resources)

Bases: object

Options for the auto-generation of policies based on the configured SDK calls.

Parameters:

resources (Sequence[str]) – The resources that the calls will have access to. It is best to use specific resource ARN’s when possible. However, you can also use AwsCustomResourcePolicy.ANY_RESOURCE to allow access to all resources. For example, when onCreate is used to create a resource which you don’t know the physical name of in advance. Note that will apply to ALL SDK calls.

ExampleMetadata:

infused

Example:

aws_custom = cr.AwsCustomResource(self, "aws-custom",
    on_create=cr.AwsSdkCall(
        service="...",
        action="...",
        parameters={
            "text": "..."
        },
        physical_resource_id=cr.PhysicalResourceId.of("...")
    ),
    on_update=cr.AwsSdkCall(
        service="...",
        action="...",
        parameters={
            "text": "...",
            "resource_id": cr.PhysicalResourceIdReference()
        }
    ),
    policy=cr.AwsCustomResourcePolicy.from_sdk_calls(
        resources=cr.AwsCustomResourcePolicy.ANY_RESOURCE
    )
)

Attributes

resources

The resources that the calls will have access to.

It is best to use specific resource ARN’s when possible. However, you can also use AwsCustomResourcePolicy.ANY_RESOURCE to allow access to all resources. For example, when onCreate is used to create a resource which you don’t know the physical name of in advance.

Note that will apply to ALL SDK calls.