UNPKG

@aws-cdk/aws-iam/lib/lazy-role.d.ts

Version:

2.83 kBTypeScriptView Raw

1import * as cdk from '@aws-cdk/core';
2import { Construct } from 'constructs';
3import { Grant } from './grant';
4import { IManagedPolicy } from './managed-policy';
5import { Policy } from './policy';
6import { PolicyStatement } from './policy-statement';
7import { AddToPrincipalPolicyResult, IPrincipal, PrincipalPolicyFragment } from './principals';
8import { IRole, RoleProps } from './role';
9/**
* Properties for defining a LazyRole
*/
12export interface LazyRoleProps extends RoleProps {
13}
14/**
* An IAM role that only gets attached to the construct tree once it gets used, not before
*
* This construct can be used to simplify logic in other constructs
* which need to create a role but only if certain configurations occur
* (such as when AutoScaling is configured). The role can be configured in one
* place, but if it never gets used it doesn't get instantiated and will
* not be synthesized or deployed.
*
* @resource AWS::IAM::Role
*/
25export declare class LazyRole extends cdk.Resource implements IRole {
  private readonly props;
  readonly grantPrincipal: IPrincipal;
  readonly principalAccount: string | undefined;
  readonly assumeRoleAction: string;
  private role?;
  private readonly statements;
  private readonly policies;
  private readonly managedPolicies;
  constructor(scope: Construct, id: string, props: LazyRoleProps);
  /**
   * Adds a permission to the role's default policy document.
   * If there is no default policy attached to this role, it will be created.
   * @param statement The permission statement to add to the policy document
   */
  addToPrincipalPolicy(statement: PolicyStatement): AddToPrincipalPolicyResult;
  addToPolicy(statement: PolicyStatement): boolean;
  /**
   * Attaches a policy to this role.
   * @param policy The policy to attach
   */
  attachInlinePolicy(policy: Policy): void;
  /**
   * Attaches a managed policy to this role.
   * @param policy The managed policy to attach.
   */
  addManagedPolicy(policy: IManagedPolicy): void;
  /**
   * Returns the ARN of this role.
   */
  get roleArn(): string;
  /**
   * Returns the stable and unique string identifying the role (i.e. AIDAJQABLZS4A3QDU576Q)
   *
   * @attribute
   */
  get roleId(): string;
  get roleName(): string;
  get policyFragment(): PrincipalPolicyFragment;
  /**
   * Grant the actions defined in actions to the identity Principal on this resource.
   */
  grant(identity: IPrincipal, ...actions: string[]): Grant;
  /**
   * Grant permissions to the given principal to pass this role.
   */
  grantPassRole(identity: IPrincipal): Grant;
  /**
   * Grant permissions to the given principal to assume this role.
   */
  grantAssumeRole(identity: IPrincipal): Grant;
  private instantiate;
77}

1	`import * as cdk from '@aws-cdk/core';`
2	`import { Construct } from 'constructs';`
3	`import { Grant } from './grant';`
4	`import { IManagedPolicy } from './managed-policy';`
5	`import { Policy } from './policy';`
6	`import { PolicyStatement } from './policy-statement';`
7	`import { AddToPrincipalPolicyResult, IPrincipal, PrincipalPolicyFragment } from './principals';`
8	`import { IRole, RoleProps } from './role';`
9	`/**`
10	`* Properties for defining a LazyRole`
11	`*/`
12	`export interface LazyRoleProps extends RoleProps {`
13	`}`
14	`/**`
15	`* An IAM role that only gets attached to the construct tree once it gets used, not before`
16	`*`
17	`* This construct can be used to simplify logic in other constructs`
18	`* which need to create a role but only if certain configurations occur`
19	`* (such as when AutoScaling is configured). The role can be configured in one`
20	`* place, but if it never gets used it doesn't get instantiated and will`
21	`* not be synthesized or deployed.`
22	`*`
23	`* @resource AWS::IAM::Role`
24	`*/`
25	`export declare class LazyRole extends cdk.Resource implements IRole {`
26	`private readonly props;`
27	`readonly grantPrincipal: IPrincipal;`
28	`readonly principalAccount: string \| undefined;`
29	`readonly assumeRoleAction: string;`
30	`private role?;`
31	`private readonly statements;`
32	`private readonly policies;`
33	`private readonly managedPolicies;`
34	`constructor(scope: Construct, id: string, props: LazyRoleProps);`
35	`/**`
36	`* Adds a permission to the role's default policy document.`
37	`* If there is no default policy attached to this role, it will be created.`
38	`* @param statement The permission statement to add to the policy document`
39	`*/`
40	`addToPrincipalPolicy(statement: PolicyStatement): AddToPrincipalPolicyResult;`
41	`addToPolicy(statement: PolicyStatement): boolean;`
42	`/**`
43	`* Attaches a policy to this role.`
44	`* @param policy The policy to attach`
45	`*/`
46	`attachInlinePolicy(policy: Policy): void;`
47	`/**`
48	`* Attaches a managed policy to this role.`
49	`* @param policy The managed policy to attach.`
50	`*/`
51	`addManagedPolicy(policy: IManagedPolicy): void;`
52	`/**`
53	`* Returns the ARN of this role.`
54	`*/`
55	`get roleArn(): string;`
56	`/**`
57	`* Returns the stable and unique string identifying the role (i.e. AIDAJQABLZS4A3QDU576Q)`
58	`*`
59	`* @attribute`
60	`*/`
61	`get roleId(): string;`
62	`get roleName(): string;`
63	`get policyFragment(): PrincipalPolicyFragment;`
64	`/**`
65	`* Grant the actions defined in actions to the identity Principal on this resource.`
66	`*/`
67	`grant(identity: IPrincipal, ...actions: string[]): Grant;`
68	`/**`
69	`* Grant permissions to the given principal to pass this role.`
70	`*/`
71	`grantPassRole(identity: IPrincipal): Grant;`
72	`/**`
73	`* Grant permissions to the given principal to assume this role.`
74	`*/`
75	`grantAssumeRole(identity: IPrincipal): Grant;`
76	`private instantiate;`
77	`}`