class StreamGrants
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.DynamoDB.StreamGrants |
 Go | github.com/aws/aws-cdk-go/awscdk/v2/awsdynamodb#StreamGrants |
 Java | software.amazon.awscdk.services.dynamodb.StreamGrants |
 Python | aws_cdk.aws_dynamodb.StreamGrants |
 TypeScript (source) | aws-cdk-lib » aws_dynamodb » StreamGrants |
A set of permissions to grant on a Table Stream.
Example
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_dynamodb as dynamodb } from 'aws-cdk-lib';
import { aws_kms as kms } from 'aws-cdk-lib';
import { aws_dynamodb as interfaces_aws_dynamodb } from 'aws-cdk-lib/interfaces';
declare const key: kms.Key;
declare const tableRef: interfaces_aws_dynamodb.ITableRef;
const streamGrants = new dynamodb.StreamGrants({
table: tableRef,
tableStreamArn: 'tableStreamArn',
// the properties below are optional
encryptionKey: key,
});
Initializer
new StreamGrants(props: StreamGrantsProps)
Parameters
- props
StreamGrants Props
Methods
| Name | Description |
|---|---|
| actions(grantee, ...actions) | Adds an IAM policy statement associated with this table's stream to an IAM principal's policy. |
| list(grantee) | Permits an IAM Principal to list streams attached to current dynamodb table. |
| read(grantee) | Permits an IAM principal all stream data read operations for this table's stream: DescribeStream, GetRecords, GetShardIterator, ListStreams. |
actions(grantee, ...actions)
public actions(grantee: IGrantable, ...actions: string[]): Grant
Parameters
- grantee
IGrantable— The principal (no-op if undefined). - actions
string— The set of actions to allow (i.e. "dynamodb:DescribeStream", "dynamodb:GetRecords", ...).
Returns
Adds an IAM policy statement associated with this table's stream to an IAM principal's policy.
If encryptionKey is present, appropriate grants to the key needs to be added
separately using the table.encryptionKey.grant* methods.
list(grantee)
public list(grantee: IGrantable): Grant
Parameters
- grantee
IGrantable— The principal (no-op if undefined).
Returns
Permits an IAM Principal to list streams attached to current dynamodb table.
read(grantee)
public read(grantee: IGrantable): Grant
Parameters
- grantee
IGrantable— The principal to grant access to.
Returns
Permits an IAM principal all stream data read operations for this table's stream: DescribeStream, GetRecords, GetShardIterator, ListStreams.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.