software.amazon.awscdk.services.lambda

Class Permission.Builder

java.lang.Object

software.amazon.awscdk.services.lambda.Permission.Builder

Enclosing interface:

Permission

public static final class Permission.Builder
extends Object

A builder for Permission

Constructor Summary

Constructors

Constructor and Description
Builder()

Method Summary

Modifier and Type	Method and Description
Permission	build() Builds the configured instance.
Permission.Builder	withAction(String value) Sets the value of Action
Permission.Builder	withEventSourceToken(String value) Sets the value of EventSourceToken
Permission.Builder	withPrincipal(software.amazon.awscdk.services.iam.PolicyPrincipal value) Sets the value of Principal
Permission.Builder	withSourceAccount(String value) Sets the value of SourceAccount
Permission.Builder	withSourceArn(String value) Sets the value of SourceArn

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

Builder

public Builder()

Method Detail

withPrincipal

public Permission.Builder withPrincipal(software.amazon.awscdk.services.iam.PolicyPrincipal value)

Sets the value of Principal

Parameters:

value - The entity for which you are granting permission to invoke the Lambda function. This entity can be any valid AWS service principal, such as s3.amazonaws.com or sns.amazonaws.com, or, if you are granting cross-account permission, an AWS account ID. For example, you might want to allow a custom application in another AWS account to push events to Lambda by invoking your function. The principal can be either an AccountPrincipal or a ServicePrincipal.

Returns:

this

withAction

public Permission.Builder withAction(@Nullable
                                     String value)

Sets the value of Action

Parameters:

value - The Lambda actions that you want to allow in this statement. For example, you can specify lambda:CreateFunction to specify a certain action, or use a wildcard (``lambda:*``) to grant permission to all Lambda actions. For a list of actions, see Actions and Condition Context Keys for AWS Lambda in the IAM User Guide.

Returns:

this

withEventSourceToken

public Permission.Builder withEventSourceToken(@Nullable
                                               String value)

Sets the value of EventSourceToken

Parameters:

value - A unique token that must be supplied by the principal invoking the function.

Returns:

this

withSourceAccount

public Permission.Builder withSourceAccount(@Nullable
                                            String value)

Sets the value of SourceAccount

Parameters:

value - The AWS account ID (without hyphens) of the source owner. For example, if you specify an S3 bucket in the SourceArn property, this value is the bucket owner's account ID. You can use this property to ensure that all source principals are owned by a specific account.

Returns:

this

withSourceArn

public Permission.Builder withSourceArn(@Nullable
                                        String value)

Sets the value of SourceArn

Parameters:

value - The ARN of a resource that is invoking your function. When granting Amazon Simple Storage Service (Amazon S3) permission to invoke your function, specify this property with the bucket ARN as its value. This ensures that events generated only from the specified bucket, not just any bucket from any AWS account that creates a mapping to your function, can invoke the function.

Returns:

this

build

public Permission build()

Builds the configured instance.

Returns:

a new instance of Permission

Throws:

NullPointerException - if any required attribute was not provided