enum Effect
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.IAM.Effect |
 Go | github.com/aws/aws-cdk-go/awscdk/v2/awsiam#Effect |
 Java | software.amazon.awscdk.services.iam.Effect |
 Python | aws_cdk.aws_iam.Effect |
 TypeScript (source) | aws-cdk-lib » aws_iam » Effect |
The Effect element of an IAM policy.
Example
import { WebSocketIamAuthorizer } from 'aws-cdk-lib/aws-apigatewayv2-authorizers';
import { WebSocketLambdaIntegration } from 'aws-cdk-lib/aws-apigatewayv2-integrations';
// This function handles your connect route
declare const connectHandler: lambda.Function;
const webSocketApi = new apigwv2.WebSocketApi(this, 'WebSocketApi');
webSocketApi.addRoute('$connect', {
integration: new WebSocketLambdaIntegration('Integration', connectHandler),
authorizer: new WebSocketIamAuthorizer()
});
// Create an IAM user (identity)
const user = new iam.User(this, 'User');
const webSocketArn = Stack.of(this).formatArn({
service: 'execute-api',
resource: webSocketApi.apiId,
});
// Grant access to the IAM user
user.attachInlinePolicy(new iam.Policy(this, 'AllowInvoke', {
statements: [
new iam.PolicyStatement({
actions: ['execute-api:Invoke'],
effect: iam.Effect.ALLOW,
resources: [webSocketArn],
}),
],
}));
Members
| Name | Description |
|---|---|
| ALLOW | Allows access to a resource in an IAM policy statement. |
| DENY | Explicitly deny access to a resource. |
ALLOW
Allows access to a resource in an IAM policy statement.
By default, access to resources are denied.
DENY
Explicitly deny access to a resource.
By default, all requests are denied implicitly.