1 | import * as cdk from '@aws-cdk/core';
|
2 | import { Construct } from 'constructs';
|
3 | import { Grant } from './grant';
|
4 | import { IManagedPolicy } from './managed-policy';
|
5 | import { Policy } from './policy';
|
6 | import { PolicyStatement } from './policy-statement';
|
7 | import { AddToPrincipalPolicyResult, IPrincipal, PrincipalPolicyFragment } from './principals';
|
8 | import { IRole, RoleProps } from './role';
|
9 |
|
10 |
|
11 |
|
12 | export interface LazyRoleProps extends RoleProps {
|
13 | }
|
14 |
|
15 |
|
16 |
|
17 |
|
18 |
|
19 |
|
20 |
|
21 |
|
22 |
|
23 |
|
24 |
|
25 | export declare class LazyRole extends cdk.Resource implements IRole {
|
26 | private readonly props;
|
27 | readonly grantPrincipal: IPrincipal;
|
28 | readonly principalAccount: string | undefined;
|
29 | readonly assumeRoleAction: string;
|
30 | private role?;
|
31 | private readonly statements;
|
32 | private readonly policies;
|
33 | private readonly managedPolicies;
|
34 | constructor(scope: Construct, id: string, props: LazyRoleProps);
|
35 | /**
|
36 | * Adds a permission to the role's default policy document.
|
37 | * If there is no default policy attached to this role, it will be created.
|
38 | * @param statement The permission statement to add to the policy document
|
39 | */
|
40 | addToPrincipalPolicy(statement: PolicyStatement): AddToPrincipalPolicyResult;
|
41 | addToPolicy(statement: PolicyStatement): boolean;
|
42 | /**
|
43 | * Attaches a policy to this role.
|
44 | * @param policy The policy to attach
|
45 | */
|
46 | attachInlinePolicy(policy: Policy): void;
|
47 | /**
|
48 | * Attaches a managed policy to this role.
|
49 | * @param policy The managed policy to attach.
|
50 | */
|
51 | addManagedPolicy(policy: IManagedPolicy): void;
|
52 | /**
|
53 | * Returns the ARN of this role.
|
54 | */
|
55 | get roleArn(): string;
|
56 | /**
|
57 | * Returns the stable and unique string identifying the role (i.e. AIDAJQABLZS4A3QDU576Q)
|
58 | *
|
59 | * @attribute
|
60 | */
|
61 | get roleId(): string;
|
62 | get roleName(): string;
|
63 | get policyFragment(): PrincipalPolicyFragment;
|
64 | /**
|
65 | * Grant the actions defined in actions to the identity Principal on this resource.
|
66 | */
|
67 | grant(identity: IPrincipal, ...actions: string[]): Grant;
|
68 | /**
|
69 | * Grant permissions to the given principal to pass this role.
|
70 | */
|
71 | grantPassRole(identity: IPrincipal): Grant;
|
72 | /**
|
73 | * Grant permissions to the given principal to assume this role.
|
74 | */
|
75 | grantAssumeRole(identity: IPrincipal): Grant;
|
76 | private instantiate;
|
77 | }
|