CfnPermissionPropsMixin

class aws_cdk.mixins_preview.aws_lambda.mixins.CfnPermissionPropsMixin(props, *, strategy=None)

Bases: Mixin

The AWS::Lambda::Permission resource grants an AWS service or another account permission to use a function.

You can apply the policy at the function level, or specify a qualifier to restrict access to a single version or alias. If you use a qualifier, the invoker must use the full Amazon Resource Name (ARN) of that version or alias to invoke the function.

To grant permission to another account, specify the account ID as the Principal . To grant permission to an organization defined in AWS Organizations , specify the organization ID as the PrincipalOrgID . For AWS services, the principal is a domain-style identifier defined by the service, like s3.amazonaws.com or sns.amazonaws.com . For AWS services, you can also specify the ARN of the associated resource as the SourceArn . If you grant permission to a service principal without specifying the source, other accounts could potentially configure resources in their account to invoke your Lambda function.

If your function has a function URL, you can specify the FunctionUrlAuthType parameter. This adds a condition to your permission that only applies when your function URL’s AuthType matches the specified FunctionUrlAuthType . For more information about the AuthType parameter, see Control access to Lambda function URLs .

This resource adds a statement to a resource-based permission policy for the function. For more information about function policies, see Lambda Function Policies .

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html
CloudformationResource:: AWS::Lambda::Permission
Mixin:: true
ExampleMetadata:: fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview import mixins
from aws_cdk.mixins_preview.aws_lambda import mixins as lambda_mixins

cfn_permission_props_mixin = lambda_mixins.CfnPermissionPropsMixin(lambda_mixins.CfnPermissionMixinProps(
    action="action",
    event_source_token="eventSourceToken",
    function_name="functionName",
    function_url_auth_type="functionUrlAuthType",
    invoked_via_function_url=False,
    principal="principal",
    principal_org_id="principalOrgId",
    source_account="sourceAccount",
    source_arn="sourceArn"
),
    strategy=mixins.PropertyMergeStrategy.OVERRIDE
)

Create a mixin to apply properties to AWS::Lambda::Permission.

Parameters:

props (Union[CfnPermissionMixinProps, Dict[str, Any]]) – L1 properties to apply.
strategy (Optional[PropertyMergeStrategy]) – (experimental) Strategy for merging nested properties. Default: - PropertyMergeStrategy.MERGE

Methods

apply_to(construct)

Apply the mixin properties to the construct.

Parameters:: construct (IConstruct)
Return type:: IConstruct

supports(construct)

Check if this mixin supports the given construct.

Parameters:: construct (IConstruct)
Return type:: bool

Attributes

CFN_PROPERTY_KEYS = ['action', 'eventSourceToken', 'functionName', 'functionUrlAuthType', 'invokedViaFunctionUrl', 'principal', 'principalOrgId', 'sourceAccount', 'sourceArn']

Static Methods

classmethod is_mixin(x)

(experimental) Checks if x is a Mixin.

Parameters:: x (Any) – Any object.
Return type:: bool
Returns:: true if x is an object created from a class which extends Mixin.
Stability:: experimental