1. Packages
  2. AWS Classic
  3. API Docs
  4. lambda
  5. LayerVersionPermission

Try AWS Native preview for resources not in the classic version.

AWS Classic v5.41.0 published on Monday, May 15, 2023 by Pulumi

aws.lambda.LayerVersionPermission

Explore with Pulumi AI

aws logo

Try AWS Native preview for resources not in the classic version.

AWS Classic v5.41.0 published on Monday, May 15, 2023 by Pulumi

    Provides a Lambda Layer Version Permission resource. It allows you to share you own Lambda Layers to another account by account ID, to all accounts in AWS organization or even to all AWS accounts.

    For information about Lambda Layer Permissions and how to use them, see [Using Resource-based Policies for AWS Lambda][1]

    Example Usage

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var lambdaLayerPermission = new Aws.Lambda.LayerVersionPermission("lambdaLayerPermission", new()
        {
            Action = "lambda:GetLayerVersion",
            LayerName = "arn:aws:lambda:us-west-2:123456654321:layer:test_layer1",
            Principal = "111111111111",
            StatementId = "dev-account",
            VersionNumber = 1,
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lambda"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := lambda.NewLayerVersionPermission(ctx, "lambdaLayerPermission", &lambda.LayerVersionPermissionArgs{
    			Action:        pulumi.String("lambda:GetLayerVersion"),
    			LayerName:     pulumi.String("arn:aws:lambda:us-west-2:123456654321:layer:test_layer1"),
    			Principal:     pulumi.String("111111111111"),
    			StatementId:   pulumi.String("dev-account"),
    			VersionNumber: pulumi.Int(1),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.lambda.LayerVersionPermission;
    import com.pulumi.aws.lambda.LayerVersionPermissionArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var lambdaLayerPermission = new LayerVersionPermission("lambdaLayerPermission", LayerVersionPermissionArgs.builder()        
                .action("lambda:GetLayerVersion")
                .layerName("arn:aws:lambda:us-west-2:123456654321:layer:test_layer1")
                .principal("111111111111")
                .statementId("dev-account")
                .versionNumber(1)
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_aws as aws
    
    lambda_layer_permission = aws.lambda_.LayerVersionPermission("lambdaLayerPermission",
        action="lambda:GetLayerVersion",
        layer_name="arn:aws:lambda:us-west-2:123456654321:layer:test_layer1",
        principal="111111111111",
        statement_id="dev-account",
        version_number=1)
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const lambdaLayerPermission = new aws.lambda.LayerVersionPermission("lambdaLayerPermission", {
        action: "lambda:GetLayerVersion",
        layerName: "arn:aws:lambda:us-west-2:123456654321:layer:test_layer1",
        principal: "111111111111",
        statementId: "dev-account",
        versionNumber: 1,
    });
    
    resources:
      lambdaLayerPermission:
        type: aws:lambda:LayerVersionPermission
        properties:
          action: lambda:GetLayerVersion
          layerName: arn:aws:lambda:us-west-2:123456654321:layer:test_layer1
          principal: '111111111111'
          statementId: dev-account
          versionNumber: 1
    

    Create LayerVersionPermission Resource

    new LayerVersionPermission(name: string, args: LayerVersionPermissionArgs, opts?: CustomResourceOptions);
    @overload
    def LayerVersionPermission(resource_name: str,
                               opts: Optional[ResourceOptions] = None,
                               action: Optional[str] = None,
                               layer_name: Optional[str] = None,
                               organization_id: Optional[str] = None,
                               principal: Optional[str] = None,
                               statement_id: Optional[str] = None,
                               version_number: Optional[int] = None)
    @overload
    def LayerVersionPermission(resource_name: str,
                               args: LayerVersionPermissionArgs,
                               opts: Optional[ResourceOptions] = None)
    func NewLayerVersionPermission(ctx *Context, name string, args LayerVersionPermissionArgs, opts ...ResourceOption) (*LayerVersionPermission, error)
    public LayerVersionPermission(string name, LayerVersionPermissionArgs args, CustomResourceOptions? opts = null)
    public LayerVersionPermission(String name, LayerVersionPermissionArgs args)
    public LayerVersionPermission(String name, LayerVersionPermissionArgs args, CustomResourceOptions options)
    
    type: aws:lambda:LayerVersionPermission
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args LayerVersionPermissionArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args LayerVersionPermissionArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args LayerVersionPermissionArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args LayerVersionPermissionArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args LayerVersionPermissionArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    LayerVersionPermission Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The LayerVersionPermission resource accepts the following input properties:

    Action string

    Action, which will be allowed. lambda:GetLayerVersion value is suggested by AWS documantation.

    LayerName string

    The name or ARN of the Lambda Layer, which you want to grant access to.

    Principal string

    AWS account ID which should be able to use your Lambda Layer. * can be used here, if you want to share your Lambda Layer widely.

    StatementId string

    The name of Lambda Layer Permission, for example dev-account - human readable note about what is this permission for.

    VersionNumber int

    Version of Lambda Layer, which you want to grant access to. Note: permissions only apply to a single version of a layer.

    OrganizationId string

    An identifier of AWS Organization, which should be able to use your Lambda Layer. principal should be equal to * if organization_id provided.

    Action string

    Action, which will be allowed. lambda:GetLayerVersion value is suggested by AWS documantation.

    LayerName string

    The name or ARN of the Lambda Layer, which you want to grant access to.

    Principal string

    AWS account ID which should be able to use your Lambda Layer. * can be used here, if you want to share your Lambda Layer widely.

    StatementId string

    The name of Lambda Layer Permission, for example dev-account - human readable note about what is this permission for.

    VersionNumber int

    Version of Lambda Layer, which you want to grant access to. Note: permissions only apply to a single version of a layer.

    OrganizationId string

    An identifier of AWS Organization, which should be able to use your Lambda Layer. principal should be equal to * if organization_id provided.

    action String

    Action, which will be allowed. lambda:GetLayerVersion value is suggested by AWS documantation.

    layerName String

    The name or ARN of the Lambda Layer, which you want to grant access to.

    principal String

    AWS account ID which should be able to use your Lambda Layer. * can be used here, if you want to share your Lambda Layer widely.

    statementId String

    The name of Lambda Layer Permission, for example dev-account - human readable note about what is this permission for.

    versionNumber Integer

    Version of Lambda Layer, which you want to grant access to. Note: permissions only apply to a single version of a layer.

    organizationId String

    An identifier of AWS Organization, which should be able to use your Lambda Layer. principal should be equal to * if organization_id provided.

    action string

    Action, which will be allowed. lambda:GetLayerVersion value is suggested by AWS documantation.

    layerName string

    The name or ARN of the Lambda Layer, which you want to grant access to.

    principal string

    AWS account ID which should be able to use your Lambda Layer. * can be used here, if you want to share your Lambda Layer widely.

    statementId string

    The name of Lambda Layer Permission, for example dev-account - human readable note about what is this permission for.

    versionNumber number

    Version of Lambda Layer, which you want to grant access to. Note: permissions only apply to a single version of a layer.

    organizationId string

    An identifier of AWS Organization, which should be able to use your Lambda Layer. principal should be equal to * if organization_id provided.

    action str

    Action, which will be allowed. lambda:GetLayerVersion value is suggested by AWS documantation.

    layer_name str

    The name or ARN of the Lambda Layer, which you want to grant access to.

    principal str

    AWS account ID which should be able to use your Lambda Layer. * can be used here, if you want to share your Lambda Layer widely.

    statement_id str

    The name of Lambda Layer Permission, for example dev-account - human readable note about what is this permission for.

    version_number int

    Version of Lambda Layer, which you want to grant access to. Note: permissions only apply to a single version of a layer.

    organization_id str

    An identifier of AWS Organization, which should be able to use your Lambda Layer. principal should be equal to * if organization_id provided.

    action String

    Action, which will be allowed. lambda:GetLayerVersion value is suggested by AWS documantation.

    layerName String

    The name or ARN of the Lambda Layer, which you want to grant access to.

    principal String

    AWS account ID which should be able to use your Lambda Layer. * can be used here, if you want to share your Lambda Layer widely.

    statementId String

    The name of Lambda Layer Permission, for example dev-account - human readable note about what is this permission for.

    versionNumber Number

    Version of Lambda Layer, which you want to grant access to. Note: permissions only apply to a single version of a layer.

    organizationId String

    An identifier of AWS Organization, which should be able to use your Lambda Layer. principal should be equal to * if organization_id provided.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the LayerVersionPermission resource produces the following output properties:

    Id string

    The provider-assigned unique ID for this managed resource.

    Policy string

    Full Lambda Layer Permission policy.

    RevisionId string

    A unique identifier for the current revision of the policy.

    Id string

    The provider-assigned unique ID for this managed resource.

    Policy string

    Full Lambda Layer Permission policy.

    RevisionId string

    A unique identifier for the current revision of the policy.

    id String

    The provider-assigned unique ID for this managed resource.

    policy String

    Full Lambda Layer Permission policy.

    revisionId String

    A unique identifier for the current revision of the policy.

    id string

    The provider-assigned unique ID for this managed resource.

    policy string

    Full Lambda Layer Permission policy.

    revisionId string

    A unique identifier for the current revision of the policy.

    id str

    The provider-assigned unique ID for this managed resource.

    policy str

    Full Lambda Layer Permission policy.

    revision_id str

    A unique identifier for the current revision of the policy.

    id String

    The provider-assigned unique ID for this managed resource.

    policy String

    Full Lambda Layer Permission policy.

    revisionId String

    A unique identifier for the current revision of the policy.

    Look up Existing LayerVersionPermission Resource

    Get an existing LayerVersionPermission resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: LayerVersionPermissionState, opts?: CustomResourceOptions): LayerVersionPermission
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            action: Optional[str] = None,
            layer_name: Optional[str] = None,
            organization_id: Optional[str] = None,
            policy: Optional[str] = None,
            principal: Optional[str] = None,
            revision_id: Optional[str] = None,
            statement_id: Optional[str] = None,
            version_number: Optional[int] = None) -> LayerVersionPermission
    func GetLayerVersionPermission(ctx *Context, name string, id IDInput, state *LayerVersionPermissionState, opts ...ResourceOption) (*LayerVersionPermission, error)
    public static LayerVersionPermission Get(string name, Input<string> id, LayerVersionPermissionState? state, CustomResourceOptions? opts = null)
    public static LayerVersionPermission get(String name, Output<String> id, LayerVersionPermissionState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Action string

    Action, which will be allowed. lambda:GetLayerVersion value is suggested by AWS documantation.

    LayerName string

    The name or ARN of the Lambda Layer, which you want to grant access to.

    OrganizationId string

    An identifier of AWS Organization, which should be able to use your Lambda Layer. principal should be equal to * if organization_id provided.

    Policy string

    Full Lambda Layer Permission policy.

    Principal string

    AWS account ID which should be able to use your Lambda Layer. * can be used here, if you want to share your Lambda Layer widely.

    RevisionId string

    A unique identifier for the current revision of the policy.

    StatementId string

    The name of Lambda Layer Permission, for example dev-account - human readable note about what is this permission for.

    VersionNumber int

    Version of Lambda Layer, which you want to grant access to. Note: permissions only apply to a single version of a layer.

    Action string

    Action, which will be allowed. lambda:GetLayerVersion value is suggested by AWS documantation.

    LayerName string

    The name or ARN of the Lambda Layer, which you want to grant access to.

    OrganizationId string

    An identifier of AWS Organization, which should be able to use your Lambda Layer. principal should be equal to * if organization_id provided.

    Policy string

    Full Lambda Layer Permission policy.

    Principal string

    AWS account ID which should be able to use your Lambda Layer. * can be used here, if you want to share your Lambda Layer widely.

    RevisionId string

    A unique identifier for the current revision of the policy.

    StatementId string

    The name of Lambda Layer Permission, for example dev-account - human readable note about what is this permission for.

    VersionNumber int

    Version of Lambda Layer, which you want to grant access to. Note: permissions only apply to a single version of a layer.

    action String

    Action, which will be allowed. lambda:GetLayerVersion value is suggested by AWS documantation.

    layerName String

    The name or ARN of the Lambda Layer, which you want to grant access to.

    organizationId String

    An identifier of AWS Organization, which should be able to use your Lambda Layer. principal should be equal to * if organization_id provided.

    policy String

    Full Lambda Layer Permission policy.

    principal String

    AWS account ID which should be able to use your Lambda Layer. * can be used here, if you want to share your Lambda Layer widely.

    revisionId String

    A unique identifier for the current revision of the policy.

    statementId String

    The name of Lambda Layer Permission, for example dev-account - human readable note about what is this permission for.

    versionNumber Integer

    Version of Lambda Layer, which you want to grant access to. Note: permissions only apply to a single version of a layer.

    action string

    Action, which will be allowed. lambda:GetLayerVersion value is suggested by AWS documantation.

    layerName string

    The name or ARN of the Lambda Layer, which you want to grant access to.

    organizationId string

    An identifier of AWS Organization, which should be able to use your Lambda Layer. principal should be equal to * if organization_id provided.

    policy string

    Full Lambda Layer Permission policy.

    principal string

    AWS account ID which should be able to use your Lambda Layer. * can be used here, if you want to share your Lambda Layer widely.

    revisionId string

    A unique identifier for the current revision of the policy.

    statementId string

    The name of Lambda Layer Permission, for example dev-account - human readable note about what is this permission for.

    versionNumber number

    Version of Lambda Layer, which you want to grant access to. Note: permissions only apply to a single version of a layer.

    action str

    Action, which will be allowed. lambda:GetLayerVersion value is suggested by AWS documantation.

    layer_name str

    The name or ARN of the Lambda Layer, which you want to grant access to.

    organization_id str

    An identifier of AWS Organization, which should be able to use your Lambda Layer. principal should be equal to * if organization_id provided.

    policy str

    Full Lambda Layer Permission policy.

    principal str

    AWS account ID which should be able to use your Lambda Layer. * can be used here, if you want to share your Lambda Layer widely.

    revision_id str

    A unique identifier for the current revision of the policy.

    statement_id str

    The name of Lambda Layer Permission, for example dev-account - human readable note about what is this permission for.

    version_number int

    Version of Lambda Layer, which you want to grant access to. Note: permissions only apply to a single version of a layer.

    action String

    Action, which will be allowed. lambda:GetLayerVersion value is suggested by AWS documantation.

    layerName String

    The name or ARN of the Lambda Layer, which you want to grant access to.

    organizationId String

    An identifier of AWS Organization, which should be able to use your Lambda Layer. principal should be equal to * if organization_id provided.

    policy String

    Full Lambda Layer Permission policy.

    principal String

    AWS account ID which should be able to use your Lambda Layer. * can be used here, if you want to share your Lambda Layer widely.

    revisionId String

    A unique identifier for the current revision of the policy.

    statementId String

    The name of Lambda Layer Permission, for example dev-account - human readable note about what is this permission for.

    versionNumber Number

    Version of Lambda Layer, which you want to grant access to. Note: permissions only apply to a single version of a layer.

    Import

    Lambda Layer Permissions can be imported using layer_name and version_number, separated by a comma (,).

     $ pulumi import aws:lambda/layerVersionPermission:LayerVersionPermission example arn:aws:lambda:us-west-2:123456654321:layer:test_layer1,1
    

    [1]https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html#permissions-resource-xaccountlayer

    Package Details

    Repository
    AWS Classic pulumi/pulumi-aws
    License
    Apache-2.0
    Notes

    This Pulumi package is based on the aws Terraform Provider.

    aws logo

    Try AWS Native preview for resources not in the classic version.

    AWS Classic v5.41.0 published on Monday, May 15, 2023 by Pulumi