AWS Linkable helper
The AWS Permission Linkable helper is used to define the AWS permissions included with the
sst.Linkable component.
sst.aws.permission({ actions: ["lambda:InvokeFunction"], resources: ["*"]})Functions
permission
permission(input)Parameters
-
inputInputArgs
Returns Object
The AWS Permission Linkable helper is used to define the AWS permissions included with the
sst.Linkable component.
sst.aws.permission({ actions: ["lambda:InvokeFunction"], resources: ["*"]})InputArgs
actions
conditions?
Type Input<Input<Object>[]>
Configure specific conditions for when the policy is in effect.
{ conditions: [ { test: "StringEquals", variable: "s3:x-amz-server-side-encryption", values: ["AES256"] }, { test: "IpAddress", variable: "aws:SourceIp", values: ["10.0.0.0/16"] } ]}conditions[].test
Type Input<string>
Name of the IAM condition operator to evaluate.
conditions[].values
Type Input<Input<string>[]>
The values to evaluate the condition against. If multiple values are provided, the condition matches if at least one of them applies. That is, AWS evaluates multiple values as though using an “OR” boolean operation.
conditions[].variable
Type Input<string>
Name of a Context Variable to apply the condition to. Context variables may either be standard AWS variables starting with aws: or service-specific variables prefixed with the service name.
effect?
Type “allow” | “deny”
Default “allow”
Configures whether the permission is allowed or denied.
{ effect: "deny"}resources
Type Input<Input<string>[]>
The resourcess specified using the IAM ARN format.
{ resources: ["arn:aws:s3:::my-bucket/*"]}