UNPKG

@aws-cdk/aws-iam/lib/private/immutable-role.d.ts

Version:

1.82 kBTypeScriptView Raw

1import { Resource } from '@aws-cdk/core';
2import { Construct } from 'constructs';
3import { Grant } from '../grant';
4import { IManagedPolicy } from '../managed-policy';
5import { Policy } from '../policy';
6import { PolicyStatement } from '../policy-statement';
7import { AddToPrincipalPolicyResult, IPrincipal } from '../principals';
8import { IRole } from '../role';
9/**
* An immutable wrapper around an IRole
*
* This wrapper ignores all mutating operations, like attaching policies or
* adding policy statements.
*
* Useful in cases where you want to turn off CDK's automatic permissions
* management, and instead have full control over all permissions.
*
* Note: if you want to ignore all mutations for an externally defined role
* which was imported into the CDK with {@link Role.fromRoleArn}, you don't have to use this class -
* simply pass the property mutable = false when calling {@link Role.fromRoleArn}.
*/
22export declare class ImmutableRole extends Resource implements IRole {
  private readonly role;
  private readonly addGrantsToResources;
  readonly assumeRoleAction: string;
  readonly policyFragment: import("../principals").PrincipalPolicyFragment;
  readonly grantPrincipal: this;
  readonly principalAccount: string | undefined;
  readonly roleArn: string;
  readonly roleName: string;
  readonly stack: import("@aws-cdk/core").Stack;
  constructor(scope: Construct, id: string, role: IRole, addGrantsToResources: boolean);
  attachInlinePolicy(_policy: Policy): void;
  addManagedPolicy(_policy: IManagedPolicy): void;
  addToPolicy(statement: PolicyStatement): boolean;
  addToPrincipalPolicy(_statement: PolicyStatement): AddToPrincipalPolicyResult;
  grant(grantee: IPrincipal, ...actions: string[]): Grant;
  grantPassRole(grantee: IPrincipal): Grant;
39}

1	`import { Resource } from '@aws-cdk/core';`
2	`import { Construct } from 'constructs';`
3	`import { Grant } from '../grant';`
4	`import { IManagedPolicy } from '../managed-policy';`
5	`import { Policy } from '../policy';`
6	`import { PolicyStatement } from '../policy-statement';`
7	`import { AddToPrincipalPolicyResult, IPrincipal } from '../principals';`
8	`import { IRole } from '../role';`
9	`/**`
10	`* An immutable wrapper around an IRole`
11	`*`
12	`* This wrapper ignores all mutating operations, like attaching policies or`
13	`* adding policy statements.`
14	`*`
15	`* Useful in cases where you want to turn off CDK's automatic permissions`
16	`* management, and instead have full control over all permissions.`
17	`*`
18	`* Note: if you want to ignore all mutations for an externally defined role`
19	`* which was imported into the CDK with {@link Role.fromRoleArn}, you don't have to use this class -`
20	`* simply pass the property mutable = false when calling {@link Role.fromRoleArn}.`
21	`*/`
22	`export declare class ImmutableRole extends Resource implements IRole {`
23	`private readonly role;`
24	`private readonly addGrantsToResources;`
25	`readonly assumeRoleAction: string;`
26	`readonly policyFragment: import("../principals").PrincipalPolicyFragment;`
27	`readonly grantPrincipal: this;`
28	`readonly principalAccount: string \| undefined;`
29	`readonly roleArn: string;`
30	`readonly roleName: string;`
31	`readonly stack: import("@aws-cdk/core").Stack;`
32	`constructor(scope: Construct, id: string, role: IRole, addGrantsToResources: boolean);`
33	`attachInlinePolicy(_policy: Policy): void;`
34	`addManagedPolicy(_policy: IManagedPolicy): void;`
35	`addToPolicy(statement: PolicyStatement): boolean;`
36	`addToPrincipalPolicy(_statement: PolicyStatement): AddToPrincipalPolicyResult;`
37	`grant(grantee: IPrincipal, ...actions: string[]): Grant;`
38	`grantPassRole(grantee: IPrincipal): Grant;`
39	`}`