pulumi-aws-kotlin/com.pulumi.aws.lambda.kotlin/LayerVersionPermissionArgs

LayerVersionPermissionArgs

data class LayerVersionPermissionArgs(val action: Output<String>? = null, val layerName: Output<String>? = null, val organizationId: Output<String>? = null, val principal: Output<String>? = null, val skipDestroy: Output<Boolean>? = null, val statementId: Output<String>? = null, val versionNumber: Output<Int>? = null) : ConvertibleToJava<LayerVersionPermissionArgs>

Provides a Lambda Layer Version Permission resource. It allows you to share you own Lambda Layers to another account by account ID, to all accounts in AWS organization or even to all AWS accounts. For information about Lambda Layer Permissions and how to use them, see 1

NOTE: Setting skip_destroy to true means that the AWS Provider will not destroy any layer version permission, even when running pulumi destroy. Layer version permissions are thus intentional dangling resources that are not managed by Pulumi and may incur extra expense in your AWS account.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const lambdaLayerPermission = new aws.lambda.LayerVersionPermission("lambda_layer_permission", {
    layerName: "arn:aws:lambda:us-west-2:123456654321:layer:test_layer1",
    versionNumber: 1,
    principal: "111111111111",
    action: "lambda:GetLayerVersion",
    statementId: "dev-account",
});
Content copied to clipboard
import pulumi
import pulumi_aws as aws
lambda_layer_permission = aws.lambda_.LayerVersionPermission("lambda_layer_permission",
    layer_name="arn:aws:lambda:us-west-2:123456654321:layer:test_layer1",
    version_number=1,
    principal="111111111111",
    action="lambda:GetLayerVersion",
    statement_id="dev-account")
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
    var lambdaLayerPermission = new Aws.Lambda.LayerVersionPermission("lambda_layer_permission", new()
    {
        LayerName = "arn:aws:lambda:us-west-2:123456654321:layer:test_layer1",
        VersionNumber = 1,
        Principal = "111111111111",
        Action = "lambda:GetLayerVersion",
        StatementId = "dev-account",
    });
});
Content copied to clipboard
package main
import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := lambda.NewLayerVersionPermission(ctx, "lambda_layer_permission", &lambda.LayerVersionPermissionArgs{
			LayerName:     pulumi.String("arn:aws:lambda:us-west-2:123456654321:layer:test_layer1"),
			VersionNumber: pulumi.Int(1),
			Principal:     pulumi.String("111111111111"),
			Action:        pulumi.String("lambda:GetLayerVersion"),
			StatementId:   pulumi.String("dev-account"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.lambda.LayerVersionPermission;
import com.pulumi.aws.lambda.LayerVersionPermissionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var lambdaLayerPermission = new LayerVersionPermission("lambdaLayerPermission", LayerVersionPermissionArgs.builder()
            .layerName("arn:aws:lambda:us-west-2:123456654321:layer:test_layer1")
            .versionNumber(1)
            .principal("111111111111")
            .action("lambda:GetLayerVersion")
            .statementId("dev-account")
            .build());
    }
}
Content copied to clipboard
resources:
  lambdaLayerPermission:
    type: aws:lambda:LayerVersionPermission
    name: lambda_layer_permission
    properties:
      layerName: arn:aws:lambda:us-west-2:123456654321:layer:test_layer1
      versionNumber: 1
      principal: '111111111111'
      action: lambda:GetLayerVersion
      statementId: dev-account
Content copied to clipboard

Import

Using pulumi import, import Lambda Layer Permissions using layer_name and version_number, separated by a comma (,). For example:

$ pulumi import aws:lambda/layerVersionPermission:LayerVersionPermission example arn:aws:lambda:us-west-2:123456654321:layer:test_layer1,1
Content copied to clipboard

Constructors

Link copied to clipboard
constructor(action: Output<String>? = null, layerName: Output<String>? = null, organizationId: Output<String>? = null, principal: Output<String>? = null, skipDestroy: Output<Boolean>? = null, statementId: Output<String>? = null, versionNumber: Output<Int>? = null)

Properties

Link copied to clipboard
val action: Output<String>? = null

Action, which will be allowed. lambda:GetLayerVersion value is suggested by AWS documantation.

Link copied to clipboard
val layerName: Output<String>? = null

The name or ARN of the Lambda Layer, which you want to grant access to.

Link copied to clipboard
val organizationId: Output<String>? = null

An identifier of AWS Organization, which should be able to use your Lambda Layer. principal should be equal to * if organization_id provided.

Link copied to clipboard
val principal: Output<String>? = null

AWS account ID which should be able to use your Lambda Layer. * can be used here, if you want to share your Lambda Layer widely.

Link copied to clipboard
val skipDestroy: Output<Boolean>? = null

Whether to retain the old version of a previously deployed Lambda Layer. Default is false. When this is not set to true, changing any of compatible_architectures, compatible_runtimes, description, filename, layer_name, license_info, s3_bucket, s3_key, s3_object_version, or source_code_hash forces deletion of the existing layer version and creation of a new layer version.

Link copied to clipboard
val statementId: Output<String>? = null

The name of Lambda Layer Permission, for example dev-account - human readable note about what is this permission for.

Link copied to clipboard
val versionNumber: Output<Int>? = null

Version of Lambda Layer, which you want to grant access to. Note: permissions only apply to a single version of a layer.

Functions

Link copied to clipboard
open override fun toJava(): LayerVersionPermissionArgs