UNPKG

aws-cdk-lib

Version:

Version 2 of the AWS Cloud Development Kit library

github.com/aws/aws-cdk

aws/aws-cdk

57 lines (56 loc) 1.79 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
import * as sqs from "./sqs.generated"; import * as iam from "../../aws-iam"; /** * Collection of grant methods for a IQueueRef */ export declare class QueueGrants { /** * Creates grants for QueueGrants */ static fromQueue(resource: sqs.IQueueRef): QueueGrants; protected readonly resource: sqs.IQueueRef; protected readonly encryptedResource?: iam.IEncryptedResource; protected readonly policyResource?: iam.IResourceWithPolicyV2; private constructor(); /** * Grant permissions to consume messages from a queue * * This will grant the following permissions: * * - sqs:ChangeMessageVisibility * - sqs:DeleteMessage * - sqs:ReceiveMessage * - sqs:GetQueueAttributes * - sqs:GetQueueUrl * * If encryption is used, permission to use the key to decrypt the contents of the queue will also be granted to the same principal. * * This will grant the following KMS permissions: * * - kms:Decrypt */ consumeMessages(grantee: iam.IGrantable): iam.Grant; /** * Grant access to send messages to a queue to the given identity. * * This will grant the following permissions: * * - sqs:SendMessage * - sqs:GetQueueAttributes * - sqs:GetQueueUrl * * If encryption is used, permission to use the key to encrypt/decrypt the contents of the queue will also be granted to the same principal. * * This will grant the following KMS permissions: * * - kms:Decrypt * - kms:Encrypt * - kms:ReEncrypt* * - kms:GenerateDataKey* */ sendMessages(grantee: iam.IGrantable): iam.Grant; /** * Grants purge permissions */ purge(grantee: iam.IGrantable): iam.Grant; }