UNPKG

aws-cdk-lib

Version:

Version 2 of the AWS Cloud Development Kit library

github.com/aws/aws-cdk

aws/aws-cdk

133 lines (132 loc) 4.63 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
import * as constructs from 'constructs'; import { Construct } from 'constructs'; import { ITopicSubscription } from './subscriber'; import { Subscription } from './subscription'; import * as notifications from '../../aws-codestarnotifications'; import * as iam from '../../aws-iam'; import { IKey } from '../../aws-kms'; import { IResource, Resource, ResourceProps } from '../../core'; /** * Represents an SNS topic */ export interface ITopic extends IResource, notifications.INotificationRuleTarget { /** * The ARN of the topic * * @attribute */ readonly topicArn: string; /** * The name of the topic * * @attribute */ readonly topicName: string; /** * A KMS Key, either managed by this CDK app, or imported. * * This property applies only to server-side encryption. * * @see https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html * * @default None */ readonly masterKey?: IKey; /** * Enables content-based deduplication for FIFO topics. * * @attribute */ readonly contentBasedDeduplication: boolean; /** * Whether this topic is an Amazon SNS FIFO queue. If false, this is a standard topic. * * @attribute */ readonly fifo: boolean; /** * Subscribe some endpoint to this topic */ addSubscription(subscription: ITopicSubscription): Subscription; /** * Adds a statement to the IAM resource policy associated with this topic. * * If this topic was created in this stack (`new Topic`), a topic policy * will be automatically created upon the first call to `addToResourcePolicy`. If * the topic is imported (`Topic.import`), then this is a no-op. */ addToResourcePolicy(statement: iam.PolicyStatement): iam.AddToResourcePolicyResult; /** * Grant topic publishing permissions to the given identity */ grantPublish(identity: iam.IGrantable): iam.Grant; /** * Grant topic subscribing permissions to the given identity */ grantSubscribe(identity: iam.IGrantable): iam.Grant; } /** * Either a new or imported Topic */ export declare abstract class TopicBase extends Resource implements ITopic { abstract readonly topicArn: string; abstract readonly topicName: string; abstract readonly masterKey?: IKey; abstract readonly fifo: boolean; abstract readonly contentBasedDeduplication: boolean; /** * Controls automatic creation of policy objects. * * Set by subclasses. */ protected abstract readonly autoCreatePolicy: boolean; /** * Adds a statement to enforce encryption of data in transit when publishing to the topic. */ protected enforceSSL?: boolean; private policy?; constructor(scope: Construct, id: string, props?: ResourceProps); /** * Subscribe some endpoint to this topic */ addSubscription(topicSubscription: ITopicSubscription): Subscription; /** * Adds a statement to the IAM resource policy associated with this topic. * * If this topic was created in this stack (`new Topic`), a topic policy * will be automatically created upon the first call to `addToResourcePolicy`. * However, if `enforceSSL` is set to `true`, the policy has already been created * before the first call to this method. * * If the topic is imported (`Topic.import`), then this is a no-op. */ addToResourcePolicy(statement: iam.PolicyStatement): iam.AddToResourcePolicyResult; /** * Adds a SSL policy to the topic resource policy. */ protected addSSLPolicy(): void; /** * Creates a topic policy for this topic. */ protected createTopicPolicy(): void; /** * Adds a statement to enforce encryption of data in transit when publishing to the topic. * * For more information, see https://docs.aws.amazon.com/sns/latest/dg/sns-security-best-practices.html#enforce-encryption-data-in-transit. */ protected createSSLPolicyDocument(): iam.PolicyStatement; /** * Grant topic publishing permissions to the given identity */ grantPublish(grantee: iam.IGrantable): iam.Grant; /** * Grant topic subscribing permissions to the given identity */ grantSubscribe(grantee: iam.IGrantable): iam.Grant; /** * Represents a notification target * That allows SNS topic to associate with this rule target. */ bindAsNotificationRuleTarget(_scope: constructs.Construct): notifications.NotificationRuleTargetConfig; private nextTokenId; }