AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.
Add-LMPermission-FunctionName <String>-Action <String>-EventSourceToken <String>-FunctionUrlAuthType <FunctionUrlAuthType>-Principal <String>-PrincipalOrgID <String>-Qualifier <String>-RevisionId <String>-SourceAccount <String>-SourceArn <String>-StatementId <String>-Select <String>-PassThru <SwitchParameter>-Force <SwitchParameter>
Principal
. To grant permission to an organization defined in Organizations, specify the organization ID as the PrincipalOrgID
. For Amazon Web Services services, the principal is a domain-style identifier defined by the service, like s3.amazonaws.com
or sns.amazonaws.com
. For Amazon Web Services services, you can also specify the ARN of the associated resource as the SourceArn
. If you grant permission to a service principal without specifying the source, other accounts could potentially configure resources in their account to invoke your Lambda function.
This action adds a statement to a resource-based permissions policy for the function. For more information about function policies, see Lambda Function Policies. lambda:InvokeFunction
or lambda:GetFunction
. Required? | True |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | True |
Position? | 1 |
Accept pipeline input? | True (ByValue, ByPropertyName) |
AWS_IAM
if you want to restrict access to authenticated IAM
users only. Set to NONE
if you want to bypass IAM authentication to create a public endpoint. For more information, see Security and auth model for Lambda function URLs. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
SourceArn
or SourceAccount
to limit who can invoke the function through that service. Required? | True |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
SourceArn
to ensure that the resource is owned by the specified account. It is possible for an Amazon S3 bucket to be deleted by its owner and recreated by another account. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
StringLike
operator. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | True |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AK |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByValue, ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByValue, ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AWSProfilesLocation, ProfilesLocation |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | StoredCredentials, AWSProfileName |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | RegionToCall |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | SK, SecretAccessKey |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | ST |
AWS Tools for PowerShell: 2.x.y.z