Package software.amazon.awscdk.cfnpropertymixins.services.acmpca

Class CfnPermissionPropsMixin

java.lang.Object
software.amazon.jsii.JsiiObject
software.amazon.awscdk.Mixin
software.amazon.awscdk.cfnpropertymixins.services.acmpca.CfnPermissionPropsMixin
All Implemented Interfaces:
software.amazon.jsii.JsiiSerializable, software.constructs.IMixin
@Generated(value="jsii-pacmak/1.127.0 (build 2117ad5)", date="2026-03-19T12:55:16.255Z") @Stability(Stable) public class CfnPermissionPropsMixin extends Mixin implements software.constructs.IMixin
Grants permissions to the Certificate Manager ( ACM ) service principal ( acm.amazonaws.com ) to perform IssueCertificate , GetCertificate , and ListPermissions actions on a CA. These actions are needed for the ACM principal to renew private PKI certificates requested through ACM and residing in the same AWS account as the CA.

About permissions - If the private CA and the certificates it issues reside in the same account, you can use AWS::ACMPCA::Permission to grant permissions for ACM to carry out automatic certificate renewals.

  • For automatic certificate renewal to succeed, the ACM service principal needs permissions to create, retrieve, and list permissions.
  • If the private CA and the ACM certificates reside in different accounts, then permissions cannot be used to enable automatic renewals. Instead, the ACM certificate owner must set up a resource-based policy to enable cross-account issuance and renewals. For more information, see Using a Resource Based Policy with AWS Private CA .

To update an AWS::ACMPCA::Permission resource, you must first delete the existing permission resource from the CloudFormation stack and then create a new permission resource with updated properties.

Example: 

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.cfnpropertymixins.services.acmpca.*;
 import software.amazon.awscdk.*;
 IMergeStrategy mergeStrategy;
 CfnPermissionPropsMixin cfnPermissionPropsMixin = CfnPermissionPropsMixin.Builder.create(CfnPermissionMixinProps.builder()
         .actions(List.of("actions"))
         .certificateAuthorityArn("certificateAuthorityArn")
         .principal("principal")
         .sourceAccount("sourceAccount")
         .build())
 .strategy(mergeStrategy)
 .build();

See Also:

  • Field Details

    • CFN_PROPERTY_KEYS

      @Stability(Stable) protected static final List<String> CFN_PROPERTY_KEYS

  • Constructor Details

    • CfnPermissionPropsMixin

      protected CfnPermissionPropsMixin(software.amazon.jsii.JsiiObjectRef objRef)

    • CfnPermissionPropsMixin

      protected CfnPermissionPropsMixin(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

    • CfnPermissionPropsMixin

      @Stability(Stable) public CfnPermissionPropsMixin(@NotNull CfnPermissionMixinProps props, @Nullable CfnPropertyMixinOptions options)
      Create a mixin to apply properties to AWS::ACMPCA::Permission.

      Parameters:
      props - L1 properties to apply. This parameter is required.
      options - Mixin options.

    • CfnPermissionPropsMixin

      @Stability(Stable) public CfnPermissionPropsMixin(@NotNull CfnPermissionMixinProps props)
      Create a mixin to apply properties to AWS::ACMPCA::Permission.

      Parameters:
      props - L1 properties to apply. This parameter is required.

  • Method Details

    • applyTo

      @Stability(Stable) public void applyTo(@NotNull software.constructs.IConstruct construct)
      Apply the mixin properties to the construct.

      Specified by:
      applyTo in interface software.constructs.IMixin
      Specified by:
      applyTo in class Mixin
      Parameters:
      construct - This parameter is required.

    • supports

      @Stability(Stable) @NotNull public Boolean supports(@NotNull software.constructs.IConstruct construct)
      Check if this mixin supports the given construct.

      Specified by:
      supports in interface software.constructs.IMixin
      Overrides:
      supports in class Mixin
      Parameters:
      construct - This parameter is required.

    • getProps

      @Stability(Stable) @NotNull protected CfnPermissionMixinProps getProps()

    • getStrategy

      @Stability(Stable) @NotNull protected IMergeStrategy getStrategy()