Try AWS Native preview for resources not in the classic version.
aws.lambda.LayerVersionPermission
Explore with Pulumi AI
Try AWS Native preview for resources not in the classic version.
Provides a Lambda Layer Version Permission resource. It allows you to share you own Lambda Layers to another account by account ID, to all accounts in AWS organization or even to all AWS accounts.
For information about Lambda Layer Permissions and how to use them, see [Using Resource-based Policies for AWS Lambda][1]
Example Usage
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var lambdaLayerPermission = new Aws.Lambda.LayerVersionPermission("lambdaLayerPermission", new()
{
Action = "lambda:GetLayerVersion",
LayerName = "arn:aws:lambda:us-west-2:123456654321:layer:test_layer1",
Principal = "111111111111",
StatementId = "dev-account",
VersionNumber = 1,
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lambda"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := lambda.NewLayerVersionPermission(ctx, "lambdaLayerPermission", &lambda.LayerVersionPermissionArgs{
Action: pulumi.String("lambda:GetLayerVersion"),
LayerName: pulumi.String("arn:aws:lambda:us-west-2:123456654321:layer:test_layer1"),
Principal: pulumi.String("111111111111"),
StatementId: pulumi.String("dev-account"),
VersionNumber: pulumi.Int(1),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.lambda.LayerVersionPermission;
import com.pulumi.aws.lambda.LayerVersionPermissionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var lambdaLayerPermission = new LayerVersionPermission("lambdaLayerPermission", LayerVersionPermissionArgs.builder()
.action("lambda:GetLayerVersion")
.layerName("arn:aws:lambda:us-west-2:123456654321:layer:test_layer1")
.principal("111111111111")
.statementId("dev-account")
.versionNumber(1)
.build());
}
}
import pulumi
import pulumi_aws as aws
lambda_layer_permission = aws.lambda_.LayerVersionPermission("lambdaLayerPermission",
action="lambda:GetLayerVersion",
layer_name="arn:aws:lambda:us-west-2:123456654321:layer:test_layer1",
principal="111111111111",
statement_id="dev-account",
version_number=1)
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const lambdaLayerPermission = new aws.lambda.LayerVersionPermission("lambdaLayerPermission", {
action: "lambda:GetLayerVersion",
layerName: "arn:aws:lambda:us-west-2:123456654321:layer:test_layer1",
principal: "111111111111",
statementId: "dev-account",
versionNumber: 1,
});
resources:
lambdaLayerPermission:
type: aws:lambda:LayerVersionPermission
properties:
action: lambda:GetLayerVersion
layerName: arn:aws:lambda:us-west-2:123456654321:layer:test_layer1
principal: '111111111111'
statementId: dev-account
versionNumber: 1
Create LayerVersionPermission Resource
new LayerVersionPermission(name: string, args: LayerVersionPermissionArgs, opts?: CustomResourceOptions);
@overload
def LayerVersionPermission(resource_name: str,
opts: Optional[ResourceOptions] = None,
action: Optional[str] = None,
layer_name: Optional[str] = None,
organization_id: Optional[str] = None,
principal: Optional[str] = None,
statement_id: Optional[str] = None,
version_number: Optional[int] = None)
@overload
def LayerVersionPermission(resource_name: str,
args: LayerVersionPermissionArgs,
opts: Optional[ResourceOptions] = None)
func NewLayerVersionPermission(ctx *Context, name string, args LayerVersionPermissionArgs, opts ...ResourceOption) (*LayerVersionPermission, error)
public LayerVersionPermission(string name, LayerVersionPermissionArgs args, CustomResourceOptions? opts = null)
public LayerVersionPermission(String name, LayerVersionPermissionArgs args)
public LayerVersionPermission(String name, LayerVersionPermissionArgs args, CustomResourceOptions options)
type: aws:lambda:LayerVersionPermission
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args LayerVersionPermissionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args LayerVersionPermissionArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args LayerVersionPermissionArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args LayerVersionPermissionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args LayerVersionPermissionArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
LayerVersionPermission Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The LayerVersionPermission resource accepts the following input properties:
- Action string
Action, which will be allowed.
lambda:GetLayerVersion
value is suggested by AWS documantation.- Layer
Name string The name or ARN of the Lambda Layer, which you want to grant access to.
- Principal string
AWS account ID which should be able to use your Lambda Layer.
*
can be used here, if you want to share your Lambda Layer widely.- Statement
Id string The name of Lambda Layer Permission, for example
dev-account
- human readable note about what is this permission for.- Version
Number int Version of Lambda Layer, which you want to grant access to. Note: permissions only apply to a single version of a layer.
- Organization
Id string An identifier of AWS Organization, which should be able to use your Lambda Layer.
principal
should be equal to*
iforganization_id
provided.
- Action string
Action, which will be allowed.
lambda:GetLayerVersion
value is suggested by AWS documantation.- Layer
Name string The name or ARN of the Lambda Layer, which you want to grant access to.
- Principal string
AWS account ID which should be able to use your Lambda Layer.
*
can be used here, if you want to share your Lambda Layer widely.- Statement
Id string The name of Lambda Layer Permission, for example
dev-account
- human readable note about what is this permission for.- Version
Number int Version of Lambda Layer, which you want to grant access to. Note: permissions only apply to a single version of a layer.
- Organization
Id string An identifier of AWS Organization, which should be able to use your Lambda Layer.
principal
should be equal to*
iforganization_id
provided.
- action String
Action, which will be allowed.
lambda:GetLayerVersion
value is suggested by AWS documantation.- layer
Name String The name or ARN of the Lambda Layer, which you want to grant access to.
- principal String
AWS account ID which should be able to use your Lambda Layer.
*
can be used here, if you want to share your Lambda Layer widely.- statement
Id String The name of Lambda Layer Permission, for example
dev-account
- human readable note about what is this permission for.- version
Number Integer Version of Lambda Layer, which you want to grant access to. Note: permissions only apply to a single version of a layer.
- organization
Id String An identifier of AWS Organization, which should be able to use your Lambda Layer.
principal
should be equal to*
iforganization_id
provided.
- action string
Action, which will be allowed.
lambda:GetLayerVersion
value is suggested by AWS documantation.- layer
Name string The name or ARN of the Lambda Layer, which you want to grant access to.
- principal string
AWS account ID which should be able to use your Lambda Layer.
*
can be used here, if you want to share your Lambda Layer widely.- statement
Id string The name of Lambda Layer Permission, for example
dev-account
- human readable note about what is this permission for.- version
Number number Version of Lambda Layer, which you want to grant access to. Note: permissions only apply to a single version of a layer.
- organization
Id string An identifier of AWS Organization, which should be able to use your Lambda Layer.
principal
should be equal to*
iforganization_id
provided.
- action str
Action, which will be allowed.
lambda:GetLayerVersion
value is suggested by AWS documantation.- layer_
name str The name or ARN of the Lambda Layer, which you want to grant access to.
- principal str
AWS account ID which should be able to use your Lambda Layer.
*
can be used here, if you want to share your Lambda Layer widely.- statement_
id str The name of Lambda Layer Permission, for example
dev-account
- human readable note about what is this permission for.- version_
number int Version of Lambda Layer, which you want to grant access to. Note: permissions only apply to a single version of a layer.
- organization_
id str An identifier of AWS Organization, which should be able to use your Lambda Layer.
principal
should be equal to*
iforganization_id
provided.
- action String
Action, which will be allowed.
lambda:GetLayerVersion
value is suggested by AWS documantation.- layer
Name String The name or ARN of the Lambda Layer, which you want to grant access to.
- principal String
AWS account ID which should be able to use your Lambda Layer.
*
can be used here, if you want to share your Lambda Layer widely.- statement
Id String The name of Lambda Layer Permission, for example
dev-account
- human readable note about what is this permission for.- version
Number Number Version of Lambda Layer, which you want to grant access to. Note: permissions only apply to a single version of a layer.
- organization
Id String An identifier of AWS Organization, which should be able to use your Lambda Layer.
principal
should be equal to*
iforganization_id
provided.
Outputs
All input properties are implicitly available as output properties. Additionally, the LayerVersionPermission resource produces the following output properties:
- Id string
The provider-assigned unique ID for this managed resource.
- Policy string
Full Lambda Layer Permission policy.
- Revision
Id string A unique identifier for the current revision of the policy.
- Id string
The provider-assigned unique ID for this managed resource.
- Policy string
Full Lambda Layer Permission policy.
- Revision
Id string A unique identifier for the current revision of the policy.
- id String
The provider-assigned unique ID for this managed resource.
- policy String
Full Lambda Layer Permission policy.
- revision
Id String A unique identifier for the current revision of the policy.
- id string
The provider-assigned unique ID for this managed resource.
- policy string
Full Lambda Layer Permission policy.
- revision
Id string A unique identifier for the current revision of the policy.
- id str
The provider-assigned unique ID for this managed resource.
- policy str
Full Lambda Layer Permission policy.
- revision_
id str A unique identifier for the current revision of the policy.
- id String
The provider-assigned unique ID for this managed resource.
- policy String
Full Lambda Layer Permission policy.
- revision
Id String A unique identifier for the current revision of the policy.
Look up Existing LayerVersionPermission Resource
Get an existing LayerVersionPermission resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: LayerVersionPermissionState, opts?: CustomResourceOptions): LayerVersionPermission
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
action: Optional[str] = None,
layer_name: Optional[str] = None,
organization_id: Optional[str] = None,
policy: Optional[str] = None,
principal: Optional[str] = None,
revision_id: Optional[str] = None,
statement_id: Optional[str] = None,
version_number: Optional[int] = None) -> LayerVersionPermission
func GetLayerVersionPermission(ctx *Context, name string, id IDInput, state *LayerVersionPermissionState, opts ...ResourceOption) (*LayerVersionPermission, error)
public static LayerVersionPermission Get(string name, Input<string> id, LayerVersionPermissionState? state, CustomResourceOptions? opts = null)
public static LayerVersionPermission get(String name, Output<String> id, LayerVersionPermissionState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Action string
Action, which will be allowed.
lambda:GetLayerVersion
value is suggested by AWS documantation.- Layer
Name string The name or ARN of the Lambda Layer, which you want to grant access to.
- Organization
Id string An identifier of AWS Organization, which should be able to use your Lambda Layer.
principal
should be equal to*
iforganization_id
provided.- Policy string
Full Lambda Layer Permission policy.
- Principal string
AWS account ID which should be able to use your Lambda Layer.
*
can be used here, if you want to share your Lambda Layer widely.- Revision
Id string A unique identifier for the current revision of the policy.
- Statement
Id string The name of Lambda Layer Permission, for example
dev-account
- human readable note about what is this permission for.- Version
Number int Version of Lambda Layer, which you want to grant access to. Note: permissions only apply to a single version of a layer.
- Action string
Action, which will be allowed.
lambda:GetLayerVersion
value is suggested by AWS documantation.- Layer
Name string The name or ARN of the Lambda Layer, which you want to grant access to.
- Organization
Id string An identifier of AWS Organization, which should be able to use your Lambda Layer.
principal
should be equal to*
iforganization_id
provided.- Policy string
Full Lambda Layer Permission policy.
- Principal string
AWS account ID which should be able to use your Lambda Layer.
*
can be used here, if you want to share your Lambda Layer widely.- Revision
Id string A unique identifier for the current revision of the policy.
- Statement
Id string The name of Lambda Layer Permission, for example
dev-account
- human readable note about what is this permission for.- Version
Number int Version of Lambda Layer, which you want to grant access to. Note: permissions only apply to a single version of a layer.
- action String
Action, which will be allowed.
lambda:GetLayerVersion
value is suggested by AWS documantation.- layer
Name String The name or ARN of the Lambda Layer, which you want to grant access to.
- organization
Id String An identifier of AWS Organization, which should be able to use your Lambda Layer.
principal
should be equal to*
iforganization_id
provided.- policy String
Full Lambda Layer Permission policy.
- principal String
AWS account ID which should be able to use your Lambda Layer.
*
can be used here, if you want to share your Lambda Layer widely.- revision
Id String A unique identifier for the current revision of the policy.
- statement
Id String The name of Lambda Layer Permission, for example
dev-account
- human readable note about what is this permission for.- version
Number Integer Version of Lambda Layer, which you want to grant access to. Note: permissions only apply to a single version of a layer.
- action string
Action, which will be allowed.
lambda:GetLayerVersion
value is suggested by AWS documantation.- layer
Name string The name or ARN of the Lambda Layer, which you want to grant access to.
- organization
Id string An identifier of AWS Organization, which should be able to use your Lambda Layer.
principal
should be equal to*
iforganization_id
provided.- policy string
Full Lambda Layer Permission policy.
- principal string
AWS account ID which should be able to use your Lambda Layer.
*
can be used here, if you want to share your Lambda Layer widely.- revision
Id string A unique identifier for the current revision of the policy.
- statement
Id string The name of Lambda Layer Permission, for example
dev-account
- human readable note about what is this permission for.- version
Number number Version of Lambda Layer, which you want to grant access to. Note: permissions only apply to a single version of a layer.
- action str
Action, which will be allowed.
lambda:GetLayerVersion
value is suggested by AWS documantation.- layer_
name str The name or ARN of the Lambda Layer, which you want to grant access to.
- organization_
id str An identifier of AWS Organization, which should be able to use your Lambda Layer.
principal
should be equal to*
iforganization_id
provided.- policy str
Full Lambda Layer Permission policy.
- principal str
AWS account ID which should be able to use your Lambda Layer.
*
can be used here, if you want to share your Lambda Layer widely.- revision_
id str A unique identifier for the current revision of the policy.
- statement_
id str The name of Lambda Layer Permission, for example
dev-account
- human readable note about what is this permission for.- version_
number int Version of Lambda Layer, which you want to grant access to. Note: permissions only apply to a single version of a layer.
- action String
Action, which will be allowed.
lambda:GetLayerVersion
value is suggested by AWS documantation.- layer
Name String The name or ARN of the Lambda Layer, which you want to grant access to.
- organization
Id String An identifier of AWS Organization, which should be able to use your Lambda Layer.
principal
should be equal to*
iforganization_id
provided.- policy String
Full Lambda Layer Permission policy.
- principal String
AWS account ID which should be able to use your Lambda Layer.
*
can be used here, if you want to share your Lambda Layer widely.- revision
Id String A unique identifier for the current revision of the policy.
- statement
Id String The name of Lambda Layer Permission, for example
dev-account
- human readable note about what is this permission for.- version
Number Number Version of Lambda Layer, which you want to grant access to. Note: permissions only apply to a single version of a layer.
Import
Lambda Layer Permissions can be imported using layer_name
and version_number
, separated by a comma (,
).
$ pulumi import aws:lambda/layerVersionPermission:LayerVersionPermission example arn:aws:lambda:us-west-2:123456654321:layer:test_layer1,1
[1]https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html#permissions-resource-xaccountlayer
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
aws
Terraform Provider.
Try AWS Native preview for resources not in the classic version.