Show / Hide Table of Contents

Class Grant

Result of a grant() operation.

Inheritance
System.Object
Grant
Implements
Constructs.IDependable
Namespace: Amazon.CDK.AWS.IAM
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class Grant : DeputyBase
Syntax (vb)
Public Class Grant
    Inherits DeputyBase
Remarks

This class is not instantiable by consumers on purpose, so that they will be required to call the Grant factory functions.

ExampleMetadata: infused

Examples
// Example automatically generated from non-compiling source. May contain errors.
Instance instance;
Volume volume;


var attachGrant = volume.GrantAttachVolumeByResourceTag(instance.GrantPrincipal, new [] { instance });
var detachGrant = volume.GrantDetachVolumeByResourceTag(instance.GrantPrincipal, new [] { instance });

Synopsis

Constructors

Grant(ByRefValue)

Used by jsii to construct an instance of this class from a Javascript-owned object reference

Grant(DeputyBase.DeputyProps)

Used by jsii to construct an instance of this class from DeputyProps

Properties

PrincipalStatement

(deprecated) The statement that was added to the principal's policy.

PrincipalStatements

The statements that were added to the principal's policy.

ResourceStatement

(deprecated) The statement that was added to the resource policy.

ResourceStatements

The statements that were added to the principal's policy.

Success

Whether the grant operation was successful.

Methods

AddToPrincipal(IGrantOnPrincipalOptions)

Try to grant the given permissions to the given principal.

AddToPrincipalAndResource(IGrantOnPrincipalAndResourceOptions)

Add a grant both on the principal and on the resource.

AddToPrincipalOrResource(IGrantWithResourceOptions)

Grant the given permissions to the principal.

ApplyBefore(IConstruct[])

Make sure this grant is applied before the given constructs are deployed.

AssertSuccess()

Throw an error if this grant wasn't successful.

Combine(Grant)

Combine two grants into a new one.

Drop(IGrantable, String)

Returns a "no-op" Grant object which represents a "dropped grant".

Constructors

Grant(ByRefValue)

Used by jsii to construct an instance of this class from a Javascript-owned object reference

protected Grant(ByRefValue reference)
Parameters
reference Amazon.JSII.Runtime.Deputy.ByRefValue

The Javascript-owned object reference

Grant(DeputyBase.DeputyProps)

Used by jsii to construct an instance of this class from DeputyProps

protected Grant(DeputyBase.DeputyProps props)
Parameters
props Amazon.JSII.Runtime.Deputy.DeputyBase.DeputyProps

The deputy props

Properties

PrincipalStatement

(deprecated) The statement that was added to the principal's policy.

public virtual PolicyStatement PrincipalStatement { get; }
Property Value

PolicyStatement

Remarks

Stability: Deprecated

PrincipalStatements

The statements that were added to the principal's policy.

public virtual PolicyStatement[] PrincipalStatements { get; }
Property Value

PolicyStatement[]

ResourceStatement

(deprecated) The statement that was added to the resource policy.

public virtual PolicyStatement ResourceStatement { get; }
Property Value

PolicyStatement

Remarks

Stability: Deprecated

ResourceStatements

The statements that were added to the principal's policy.

public virtual PolicyStatement[] ResourceStatements { get; }
Property Value

PolicyStatement[]

Success

Whether the grant operation was successful.

public virtual bool Success { get; }
Property Value

System.Boolean

Methods

AddToPrincipal(IGrantOnPrincipalOptions)

Try to grant the given permissions to the given principal.

public static Grant AddToPrincipal(IGrantOnPrincipalOptions options)
Parameters
options IGrantOnPrincipalOptions
Returns

Grant

Remarks

Absence of a principal leads to a warning, but failing to add the permissions to a present principal is not an error.

AddToPrincipalAndResource(IGrantOnPrincipalAndResourceOptions)

Add a grant both on the principal and on the resource.

public static Grant AddToPrincipalAndResource(IGrantOnPrincipalAndResourceOptions options)
Parameters
options IGrantOnPrincipalAndResourceOptions
Returns

Grant

Remarks

As long as any principal is given, granting on the principal may fail (in case of a non-identity principal), but granting on the resource will never fail.

Statement will be the resource statement.

AddToPrincipalOrResource(IGrantWithResourceOptions)

Grant the given permissions to the principal.

public static Grant AddToPrincipalOrResource(IGrantWithResourceOptions options)
Parameters
options IGrantWithResourceOptions
Returns

Grant

Remarks

The permissions will be added to the principal policy primarily, falling back to the resource policy if necessary. The permissions must be granted somewhere.

    ApplyBefore(IConstruct[])

    Make sure this grant is applied before the given constructs are deployed.

    public virtual void ApplyBefore(params IConstruct[] constructs)
    Parameters
    constructs Constructs.IConstruct[]
    Remarks

    The same as construct.node.addDependency(grant), but slightly nicer to read.

    AssertSuccess()

    Throw an error if this grant wasn't successful.

    public virtual void AssertSuccess()

    Combine(Grant)

    Combine two grants into a new one.

    public virtual Grant Combine(Grant rhs)
    Parameters
    rhs Grant
    Returns

    Grant

    Drop(IGrantable, String)

    Returns a "no-op" Grant object which represents a "dropped grant".

    public static Grant Drop(IGrantable grantee, string intent)
    Parameters
    grantee IGrantable

    The intended grantee.

    intent System.String

    The user's intent (will be ignored at the moment).

    Returns

    Grant

    Remarks

    This can be used for e.g. imported resources where you may not be able to modify the resource's policy or some underlying policy which you don't know about.

    Implements

    Constructs.IDependable
    Back to top Generated by DocFX