UNPKG

2.04 kBTypeScriptView Raw
1import { IResource, Resource, SecretValue } from '@aws-cdk/core';
2import { Construct } from 'constructs';
3import { IUser } from './user';
4/**
5 * Valid statuses for an IAM Access Key.
6 */
7export declare enum AccessKeyStatus {
8 /**
9 * An active access key. An active key can be used to make API calls.
10 */
11 ACTIVE = "Active",
12 /**
13 * An inactive access key. An inactive key cannot be used to make API calls.
14 */
15 INACTIVE = "Inactive"
16}
17/**
18 * Represents an IAM Access Key.
19 *
20 * @see https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html
21 */
22export interface IAccessKey extends IResource {
23 /**
24 * The Access Key ID.
25 *
26 * @attribute
27 */
28 readonly accessKeyId: string;
29 /**
30 * The Secret Access Key.
31 *
32 * @attribute
33 */
34 readonly secretAccessKey: SecretValue;
35}
36/**
37 * Properties for defining an IAM access key.
38 */
39export interface AccessKeyProps {
40 /**
41 * A CloudFormation-specific value that signifies the access key should be
42 * replaced/rotated. This value can only be incremented. Incrementing this
43 * value will cause CloudFormation to replace the Access Key resource.
44 *
45 * @default - No serial value
46 */
47 readonly serial?: number;
48 /**
49 * The status of the access key. An Active access key is allowed to be used
50 * to make API calls; An Inactive key cannot.
51 *
52 * @default - The access key is active
53 */
54 readonly status?: AccessKeyStatus;
55 /**
56 * The IAM user this key will belong to.
57 *
58 * Changing this value will result in the access key being deleted and a new
59 * access key (with a different ID and secret value) being assigned to the new
60 * user.
61 */
62 readonly user: IUser;
63}
64/**
65 * Define a new IAM Access Key.
66 */
67export declare class AccessKey extends Resource implements IAccessKey {
68 readonly accessKeyId: string;
69 readonly secretAccessKey: SecretValue;
70 constructor(scope: Construct, id: string, props: AccessKeyProps);
71}