UNPKG

aws-cdk-lib

Version:

Version 2 of the AWS Cloud Development Kit library

github.com/aws/aws-cdk

aws/aws-cdk

138 lines (137 loc) 6.07 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
import { Stack } from './stack'; /** * An enum representing the various ARN formats that different services use. */ export declare enum ArnFormat { /** * This represents a format where there is no 'resourceName' part. * This format is used for S3 resources, * like 'arn:aws:s3:::bucket'. * Everything after the last colon is considered the 'resource', * even if it contains slashes, * like in 'arn:aws:s3:::bucket/object.zip'. */ NO_RESOURCE_NAME = "arn:aws:service:region:account:resource", /** * This represents a format where the 'resource' and 'resourceName' * parts are separated with a colon. * Like in: 'arn:aws:service:region:account:resource:resourceName'. * Everything after the last colon is considered the 'resourceName', * even if it contains slashes, * like in 'arn:aws:apigateway:region:account:resource:/test/mydemoresource/*'. */ COLON_RESOURCE_NAME = "arn:aws:service:region:account:resource:resourceName", /** * This represents a format where the 'resource' and 'resourceName' * parts are separated with a slash. * Like in: 'arn:aws:service:region:account:resource/resourceName'. * Everything after the separating slash is considered the 'resourceName', * even if it contains colons, * like in 'arn:aws:cognito-sync:region:account:identitypool/us-east-1:1a1a1a1a-ffff-1111-9999-12345678:bla'. */ SLASH_RESOURCE_NAME = "arn:aws:service:region:account:resource/resourceName", /** * This represents a format where the 'resource' and 'resourceName' * parts are seperated with a slash, * but there is also an additional slash after the colon separating 'account' from 'resource'. * Like in: 'arn:aws:service:region:account:/resource/resourceName'. * Note that the leading slash is _not_ included in the parsed 'resource' part. */ SLASH_RESOURCE_SLASH_RESOURCE_NAME = "arn:aws:service:region:account:/resource/resourceName" } export interface ArnComponents { /** * The partition that the resource is in. For standard AWS regions, the * partition is aws. If you have resources in other partitions, the * partition is aws-partitionname. For example, the partition for resources * in the China (Beijing) region is aws-cn. * * @default The AWS partition the stack is deployed to. */ readonly partition?: string; /** * The service namespace that identifies the AWS product (for example, * 's3', 'iam', 'codepipeline'). */ readonly service: string; /** * The region the resource resides in. Note that the ARNs for some resources * do not require a region, so this component might be omitted. * * @default The region the stack is deployed to. */ readonly region?: string; /** * The ID of the AWS account that owns the resource, without the hyphens. * For example, 123456789012. Note that the ARNs for some resources don't * require an account number, so this component might be omitted. * * @default The account the stack is deployed to. */ readonly account?: string; /** * Resource type (e.g. "table", "autoScalingGroup", "certificate"). * For some resource types, e.g. S3 buckets, this field defines the bucket name. */ readonly resource: string; /** * Resource name or path within the resource (i.e. S3 bucket object key) or * a wildcard such as ``"*"``. This is service-dependent. */ readonly resourceName?: string; /** * The specific ARN format to use for this ARN value. * * @default - uses value of `sep` as the separator for formatting, * `ArnFormat.SLASH_RESOURCE_NAME` if that property was also not provided */ readonly arnFormat?: ArnFormat; } export declare class Arn { /** * Creates an ARN from components. * * If `partition`, `region` or `account` are not specified, the stack's * partition, region and account will be used. * * If any component is the empty string, an empty string will be inserted * into the generated ARN at the location that component corresponds to. * * The ARN will be formatted as follows: * * arn:{partition}:{service}:{region}:{account}:{resource}{sep}{resource-name} * * The required ARN pieces that are omitted will be taken from the stack that * the 'scope' is attached to. If all ARN pieces are supplied, the supplied scope * can be 'undefined'. */ static format(components: ArnComponents, stack?: Stack): string; /** * Splits the provided ARN into its components. * Works both if 'arn' is a string like 'arn:aws:s3:::bucket', * and a Token representing a dynamic CloudFormation expression * (in which case the returned components will also be dynamic CloudFormation expressions, * encoded as Tokens). * * @param arn the ARN to split into its components * @param arnFormat the expected format of 'arn' - depends on what format the service 'arn' represents uses */ static split(arn: string, arnFormat: ArnFormat): ArnComponents; /** * Extract the full resource name from an ARN * * Necessary for resource names (paths) that may contain the separator, like * `arn:aws:iam::111111111111:role/path/to/role/name`. * * Only works if we statically know the expected `resourceType` beforehand, since we're going * to use that to split the string on ':<resourceType>/' (and take the right-hand side). * * We can't extract the 'resourceType' from the ARN at hand, because CloudFormation Expressions * only allow literals in the 'separator' argument to `{ Fn::Split }`, and so it can't be * `{ Fn::Select: [5, { Fn::Split: [':', ARN] }}`. * * Only necessary for ARN formats for which the type-name separator is `/`. */ static extractResourceName(arn: string, resourceType: string): string; private constructor(); }