TableGrantsProps

class aws_cdk.aws_dynamodb.TableGrantsProps(*, table, encrypted_resource=None, has_index=None, policy_resource=None, regions=None)

Bases: object

Construction properties for TableGrants.

Parameters:

  • table (ITableRef) – The table to grant permissions on.

  • encrypted_resource (Optional[IEncryptedResource]) – (deprecated) The encrypted resource on which actions will be allowed. Default: - A best-effort attempt will be made to discover an associated KMS key and grant permissions to it.

  • has_index (Optional[bool]) – Whether this table has indexes. If so, permissions are granted on all table indexes as well. Default: false

  • policy_resource (Optional[IResourceWithPolicyV2]) – (deprecated) The resource with policy on which actions will be allowed. Default: - A best-effort attempt will be made to discover a resource policy and add permissions to it.

  • regions (Optional[Sequence[str]]) – Additional regions other than the main one that this table is replicated to. Default: - No regions

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk import aws_dynamodb as dynamodb
from aws_cdk import aws_iam as iam
from aws_cdk.interfaces import aws_dynamodb as interfaces_dynamodb

# encrypted_resource: iam.IEncryptedResource
# resource_with_policy_v2: iam.IResourceWithPolicyV2
# table_ref: interfaces_dynamodb.ITableRef

table_grants_props = dynamodb.TableGrantsProps(
    table=table_ref,

    # the properties below are optional
    encrypted_resource=encrypted_resource,
    has_index=False,
    policy_resource=resource_with_policy_v2,
    regions=["regions"]
)

Attributes

encrypted_resource

(deprecated) The encrypted resource on which actions will be allowed.

Default:

  • A best-effort attempt will be made to discover an associated KMS key and grant permissions to it.

Deprecated:

  • Leave this field undefined. If the table is encrypted with a customer-managed KMS key, appropriate

grants to the key will be automatically added.

Stability:

deprecated

has_index

Whether this table has indexes.

If so, permissions are granted on all table indexes as well.

Default:

false

policy_resource

(deprecated) The resource with policy on which actions will be allowed.

Default:

  • A best-effort attempt will be made to discover a resource policy and add permissions to it.

Deprecated:

  • Leave this field undefined. A best-effort attempt will be made to discover a resource policy and add

permissions to it.

Stability:

deprecated

regions

Additional regions other than the main one that this table is replicated to.

Default:

  • No regions

table

The table to grant permissions on.