class _IAliasProxy(jsii.proxy_for(aws_cdk.cdk.IResource)):
"""A KMS Key alias.
Stability:
experimental
"""
__jsii_type__ = "@aws-cdk/aws-kms.IAlias"
@property
@jsii.member(jsii_name="aliasName")
def alias_name(self) -> str:
"""The name of the alias.
Stability:
experimental
attribute:
AliasName
"""
return jsii.get(self, "aliasName")
@property
@jsii.member(jsii_name="aliasTargetKey")
def alias_target_key(self) -> "IKey":
"""The Key to which the Alias refers.
Stability:
experimental
attribute:
TargetKeyId
"""
return jsii.get(self, "aliasTargetKey")
class _IBaseInterfaceProxy(
jsii.proxy_for(scope.jsii_calc_base_of_base.IVeryBaseInterface)):
__jsii_type__ = "@scope/jsii-calc-base.IBaseInterface"
@jsii.member(jsii_name="bar")
def bar(self) -> None:
return jsii.invoke(self, "bar", [])
class _IAliasProxy(jsii.proxy_for(IKey)):
"""A KMS Key alias.
An alias can be used in all places that expect a key.
"""
__jsii_type__ = "@aws-cdk/aws-kms.IAlias"
@builtins.property
@jsii.member(jsii_name="aliasName")
def alias_name(self) -> str:
"""The name of the alias.
attribute:
:attribute:: true
"""
return jsii.get(self, "aliasName")
@builtins.property
@jsii.member(jsii_name="aliasTargetKey")
def alias_target_key(self) -> "IKey":
"""The Key to which the Alias refers.
attribute:
:attribute:: true
"""
return jsii.get(self, "aliasTargetKey")
class _RepositoryBaseProxy(RepositoryBase, jsii.proxy_for(aws_cdk.cdk.Resource)):
@jsii.member(jsii_name="addToResourcePolicy")
def add_to_resource_policy(self, statement: aws_cdk.aws_iam.PolicyStatement) -> None:
"""Add a policy statement to the repository's resource policy.
Arguments:
statement: -
Stability:
experimental
"""
return jsii.invoke(self, "addToResourcePolicy", [statement])
@property
@jsii.member(jsii_name="repositoryArn")
def repository_arn(self) -> str:
"""The ARN of the repository.
Stability:
experimental
"""
return jsii.get(self, "repositoryArn")
@property
@jsii.member(jsii_name="repositoryName")
def repository_name(self) -> str:
"""The name of the repository.
Stability:
experimental
"""
return jsii.get(self, "repositoryName")
class _OperationProxy(Operation, jsii.proxy_for(Value)):
@jsii.member(jsii_name="toString")
def to_string(self) -> str:
"""String representation of the value.
stability
:stability: deprecated
"""
return jsii.invoke(self, "toString", [])
class _IProfilingGroupProxy(jsii.proxy_for(aws_cdk.core.IResource)):
"""IResource represents a Profiling Group.
stability
:stability: experimental
"""
__jsii_type__ = "@aws-cdk/aws-codeguruprofiler.IProfilingGroup"
@builtins.property
@jsii.member(jsii_name="profilingGroupName")
def profiling_group_name(self) -> str:
"""A name for the profiling group.
stability
:stability: experimental
attribute:
:attribute:: true
"""
return jsii.get(self, "profilingGroupName")
@jsii.member(jsii_name="grantPublish")
def grant_publish(
self,
grantee: aws_cdk.aws_iam.IGrantable) -> aws_cdk.aws_iam.Grant:
"""Grant access to publish profiling information to the Profiling Group to the given identity.
This will grant the following permissions:
- codeguru-profiler:ConfigureAgent
- codeguru-profiler:PostAgentProfile
:param grantee: Principal to grant publish rights to.
stability
:stability: experimental
"""
return jsii.invoke(self, "grantPublish", [grantee])
@jsii.member(jsii_name="grantRead")
def grant_read(
self,
grantee: aws_cdk.aws_iam.IGrantable) -> aws_cdk.aws_iam.Grant:
"""Grant access to read profiling information from the Profiling Group to the given identity.
This will grant the following permissions:
- codeguru-profiler:GetProfile
- codeguru-profiler:DescribeProfilingGroup
:param grantee: Principal to grant read rights to.
stability
:stability: experimental
"""
return jsii.invoke(self, "grantRead", [grantee])
class _ValueProxy(Value, jsii.proxy_for(scope.jsii_calc_base.Base)):
@property
@jsii.member(jsii_name="value")
def value(self) -> jsii.Number:
"""The value.
stability
:stability: deprecated
"""
return jsii.get(self, "value")
class _ICertificateProxy(jsii.proxy_for(aws_cdk.core.IResource)):
__jsii_type__ = "@aws-cdk/aws-certificatemanager.ICertificate"
@property
@jsii.member(jsii_name="certificateArn")
def certificate_arn(self) -> str:
"""The certificate's ARN.
attribute:
:attribute:: true
"""
return jsii.get(self, "certificateArn")
class _CompositeOperationProxy(CompositeOperation,
jsii.proxy_for(scope.jsii_calc_lib.Operation)):
@builtins.property
@jsii.member(jsii_name="expression")
def expression(self) -> scope.jsii_calc_lib.Value:
"""The expression that this operation consists of.
Must be implemented by derived classes.
stability
:stability: experimental
"""
return jsii.get(self, "expression")
class _ISigningProfileProxy(
jsii.proxy_for(aws_cdk.core.IResource) # type: ignore[misc]
):
'''(experimental) A Signer Profile.
:stability: experimental
'''
__jsii_type__: typing.ClassVar[str] = "@aws-cdk/aws-signer.ISigningProfile"
@builtins.property # type: ignore[misc]
@jsii.member(jsii_name="signingProfileArn")
def signing_profile_arn(self) -> builtins.str:
'''(experimental) The ARN of the signing profile.
:stability: experimental
:attribute: true
'''
return typing.cast(builtins.str, jsii.get(self, "signingProfileArn"))
@builtins.property # type: ignore[misc]
@jsii.member(jsii_name="signingProfileName")
def signing_profile_name(self) -> builtins.str:
'''(experimental) The name of signing profile.
:stability: experimental
:attribute: ProfileName
'''
return typing.cast(builtins.str, jsii.get(self, "signingProfileName"))
@builtins.property # type: ignore[misc]
@jsii.member(jsii_name="signingProfileVersion")
def signing_profile_version(self) -> builtins.str:
'''(experimental) The version of signing profile.
:stability: experimental
:attribute: ProfileVersion
'''
return typing.cast(builtins.str, jsii.get(self,
"signingProfileVersion"))
@builtins.property # type: ignore[misc]
@jsii.member(jsii_name="signingProfileVersionArn")
def signing_profile_version_arn(self) -> builtins.str:
'''(experimental) The ARN of signing profile version.
:stability: experimental
:attribute: ProfileVersionArn
'''
return typing.cast(builtins.str,
jsii.get(self, "signingProfileVersionArn"))
class _IThreeLevelsInterfaceProxy(jsii.proxy_for(scope.jsii_calc_base.IBaseInterface)):
"""Interface that inherits from packages 2 levels up the tree.
Their presence validates that .NET/Java/jsii-reflect can track all fields
far enough up the tree.
stability
:stability: deprecated
"""
__jsii_type__ = "@scope/jsii-calc-lib.IThreeLevelsInterface"
@jsii.member(jsii_name="baz")
def baz(self) -> None:
"""
stability
:stability: deprecated
"""
return jsii.invoke(self, "baz", [])
class _ICertificateProxy(jsii.proxy_for(aws_cdk.cdk.IResource)):
"""
Stability:
experimental
"""
__jsii_type__ = "@aws-cdk/aws-certificatemanager.ICertificate"
@property
@jsii.member(jsii_name="certificateArn")
def certificate_arn(self) -> str:
"""The certificate's ARN.
Stability:
experimental
attribute:
true
"""
return jsii.get(self, "certificateArn")
class _IProfilingGroupProxy(
jsii.proxy_for(aws_cdk.core.IResource) # type: ignore[misc]
):
'''IResource represents a Profiling Group.'''
__jsii_type__: typing.ClassVar[str] = "@aws-cdk/aws-codeguruprofiler.IProfilingGroup"
@builtins.property # type: ignore[misc]
@jsii.member(jsii_name="profilingGroupName")
def profiling_group_name(self) -> builtins.str:
'''A name for the profiling group.
:attribute: true
'''
return typing.cast(builtins.str, jsii.get(self, "profilingGroupName"))
@jsii.member(jsii_name="grantPublish")
def grant_publish(
self,
grantee: aws_cdk.aws_iam.IGrantable,
) -> aws_cdk.aws_iam.Grant:
'''Grant access to publish profiling information to the Profiling Group to the given identity.
This will grant the following permissions:
- codeguru-profiler:ConfigureAgent
- codeguru-profiler:PostAgentProfile
:param grantee: Principal to grant publish rights to.
'''
return typing.cast(aws_cdk.aws_iam.Grant, jsii.invoke(self, "grantPublish", [grantee]))
@jsii.member(jsii_name="grantRead")
def grant_read(self, grantee: aws_cdk.aws_iam.IGrantable) -> aws_cdk.aws_iam.Grant:
'''Grant access to read profiling information from the Profiling Group to the given identity.
This will grant the following permissions:
- codeguru-profiler:GetProfile
- codeguru-profiler:DescribeProfilingGroup
:param grantee: Principal to grant read rights to.
'''
return typing.cast(aws_cdk.aws_iam.Grant, jsii.invoke(self, "grantRead", [grantee]))
class _IStreamProxy(
jsii.proxy_for(aws_cdk.core.IResource) # type: ignore[misc]
):
'''A Kinesis Stream.'''
__jsii_type__: typing.ClassVar[str] = "@aws-cdk/aws-kinesis.IStream"
@builtins.property # type: ignore[misc]
@jsii.member(jsii_name="streamArn")
def stream_arn(self) -> builtins.str:
'''The ARN of the stream.
:attribute: true
'''
return typing.cast(builtins.str, jsii.get(self, "streamArn"))
@builtins.property # type: ignore[misc]
@jsii.member(jsii_name="streamName")
def stream_name(self) -> builtins.str:
'''The name of the stream.
:attribute: true
'''
return typing.cast(builtins.str, jsii.get(self, "streamName"))
@builtins.property # type: ignore[misc]
@jsii.member(jsii_name="encryptionKey")
def encryption_key(self) -> typing.Optional[aws_cdk.aws_kms.IKey]:
'''Optional KMS encryption key associated with this stream.'''
return typing.cast(typing.Optional[aws_cdk.aws_kms.IKey],
jsii.get(self, "encryptionKey"))
@jsii.member(jsii_name="grant")
def grant(
self,
grantee: aws_cdk.aws_iam.IGrantable,
*actions: builtins.str,
) -> aws_cdk.aws_iam.Grant:
'''Grant the indicated permissions on this stream to the provided IAM principal.
:param grantee: -
:param actions: -
'''
return typing.cast(aws_cdk.aws_iam.Grant,
jsii.invoke(self, "grant", [grantee, *actions]))
@jsii.member(jsii_name="grantRead")
def grant_read(
self,
grantee: aws_cdk.aws_iam.IGrantable) -> aws_cdk.aws_iam.Grant:
'''Grant read permissions for this stream and its contents to an IAM principal (Role/Group/User).
If an encryption key is used, permission to ues the key to decrypt the
contents of the stream will also be granted.
:param grantee: -
'''
return typing.cast(aws_cdk.aws_iam.Grant,
jsii.invoke(self, "grantRead", [grantee]))
@jsii.member(jsii_name="grantReadWrite")
def grant_read_write(
self,
grantee: aws_cdk.aws_iam.IGrantable,
) -> aws_cdk.aws_iam.Grant:
'''Grants read/write permissions for this stream and its contents to an IAM principal (Role/Group/User).
If an encryption key is used, permission to use the key for
encrypt/decrypt will also be granted.
:param grantee: -
'''
return typing.cast(aws_cdk.aws_iam.Grant,
jsii.invoke(self, "grantReadWrite", [grantee]))
@jsii.member(jsii_name="grantWrite")
def grant_write(
self,
grantee: aws_cdk.aws_iam.IGrantable) -> aws_cdk.aws_iam.Grant:
'''Grant write permissions for this stream and its contents to an IAM principal (Role/Group/User).
If an encryption key is used, permission to ues the key to encrypt the
contents of the stream will also be granted.
:param grantee: -
'''
return typing.cast(aws_cdk.aws_iam.Grant,
jsii.invoke(self, "grantWrite", [grantee]))
class _IStreamProxy(jsii.proxy_for(aws_cdk.core.IResource)):
"""A Kinesis Stream."""
__jsii_type__ = "@aws-cdk/aws-kinesis.IStream"
@builtins.property
@jsii.member(jsii_name="streamArn")
def stream_arn(self) -> str:
"""The ARN of the stream.
attribute:
:attribute:: true
"""
return jsii.get(self, "streamArn")
@builtins.property
@jsii.member(jsii_name="streamName")
def stream_name(self) -> str:
"""The name of the stream.
attribute:
:attribute:: true
"""
return jsii.get(self, "streamName")
@builtins.property
@jsii.member(jsii_name="encryptionKey")
def encryption_key(self) -> typing.Optional[aws_cdk.aws_kms.IKey]:
"""Optional KMS encryption key associated with this stream."""
return jsii.get(self, "encryptionKey")
@jsii.member(jsii_name="grant")
def grant(self, grantee: aws_cdk.aws_iam.IGrantable,
*actions: str) -> aws_cdk.aws_iam.Grant:
"""Grant the indicated permissions on this stream to the provided IAM principal.
:param grantee: -
:param actions: -
"""
return jsii.invoke(self, "grant", [grantee, *actions])
@jsii.member(jsii_name="grantRead")
def grant_read(
self,
grantee: aws_cdk.aws_iam.IGrantable) -> aws_cdk.aws_iam.Grant:
"""Grant read permissions for this stream and its contents to an IAM principal (Role/Group/User).
If an encryption key is used, permission to ues the key to decrypt the
contents of the stream will also be granted.
:param grantee: -
"""
return jsii.invoke(self, "grantRead", [grantee])
@jsii.member(jsii_name="grantReadWrite")
def grant_read_write(
self,
grantee: aws_cdk.aws_iam.IGrantable) -> aws_cdk.aws_iam.Grant:
"""Grants read/write permissions for this stream and its contents to an IAM principal (Role/Group/User).
If an encryption key is used, permission to use the key for
encrypt/decrypt will also be granted.
:param grantee: -
"""
return jsii.invoke(self, "grantReadWrite", [grantee])
@jsii.member(jsii_name="grantWrite")
def grant_write(
self,
grantee: aws_cdk.aws_iam.IGrantable) -> aws_cdk.aws_iam.Grant:
"""Grant write permissions for this stream and its contents to an IAM principal (Role/Group/User).
If an encryption key is used, permission to ues the key to encrypt the
contents of the stream will also be granted.
:param grantee: -
"""
return jsii.invoke(self, "grantWrite", [grantee])
class _IRepositoryProxy(jsii.proxy_for(aws_cdk.cdk.IResource)):
"""Represents an ECR repository.
Stability:
experimental
"""
__jsii_type__ = "@aws-cdk/aws-ecr.IRepository"
@property
@jsii.member(jsii_name="repositoryArn")
def repository_arn(self) -> str:
"""The ARN of the repository.
Stability:
experimental
attribute:
true
"""
return jsii.get(self, "repositoryArn")
@property
@jsii.member(jsii_name="repositoryName")
def repository_name(self) -> str:
"""The name of the repository.
Stability:
experimental
attribute:
true
"""
return jsii.get(self, "repositoryName")
@property
@jsii.member(jsii_name="repositoryUri")
def repository_uri(self) -> str:
"""The URI of this repository (represents the latest image):.
ACCOUNT.dkr.ecr.REGION.amazonaws.com/REPOSITORY
Stability:
experimental
attribute:
true
"""
return jsii.get(self, "repositoryUri")
@jsii.member(jsii_name="addToResourcePolicy")
def add_to_resource_policy(self, statement: aws_cdk.aws_iam.PolicyStatement) -> None:
"""Add a policy statement to the repository's resource policy.
Arguments:
statement: -
Stability:
experimental
"""
return jsii.invoke(self, "addToResourcePolicy", [statement])
@jsii.member(jsii_name="grant")
def grant(self, grantee: aws_cdk.aws_iam.IGrantable, *actions: str) -> aws_cdk.aws_iam.Grant:
"""Grant the given principal identity permissions to perform the actions on this repository.
Arguments:
grantee: -
actions: -
Stability:
experimental
"""
return jsii.invoke(self, "grant", [grantee, *actions])
@jsii.member(jsii_name="grantPull")
def grant_pull(self, grantee: aws_cdk.aws_iam.IGrantable) -> aws_cdk.aws_iam.Grant:
"""Grant the given identity permissions to pull images in this repository.
Arguments:
grantee: -
Stability:
experimental
"""
return jsii.invoke(self, "grantPull", [grantee])
@jsii.member(jsii_name="grantPullPush")
def grant_pull_push(self, grantee: aws_cdk.aws_iam.IGrantable) -> aws_cdk.aws_iam.Grant:
"""Grant the given identity permissions to pull and push images to this repository.
Arguments:
grantee: -
Stability:
experimental
"""
return jsii.invoke(self, "grantPullPush", [grantee])
@jsii.member(jsii_name="onCloudTrailEvent")
def on_cloud_trail_event(self, id: str, *, target: aws_cdk.aws_events.IRuleTarget, description: typing.Optional[str]=None, event_pattern: typing.Optional[aws_cdk.aws_events.EventPattern]=None, rule_name: typing.Optional[str]=None) -> aws_cdk.aws_events.Rule:
"""Define a CloudWatch event that triggers when something happens to this repository.
Requires that there exists at least one CloudTrail Trail in your account
that captures the event. This method will not create the Trail.
Arguments:
id: The id of the rule.
options: Options for adding the rule.
target: The target to register for the event.
description: A description of the rule's purpose.
eventPattern: Additional restrictions for the event to route to the specified target. The method that generates the rule probably imposes some type of event filtering. The filtering implied by what you pass here is added on top of that filtering.
ruleName: A name for the rule. Default: AWS CloudFormation generates a unique physical ID.
Stability:
experimental
"""
options: aws_cdk.aws_events.OnEventOptions = {"target": target}
if description is not None:
options["description"] = description
if event_pattern is not None:
options["eventPattern"] = event_pattern
if rule_name is not None:
options["ruleName"] = rule_name
return jsii.invoke(self, "onCloudTrailEvent", [id, options])
@jsii.member(jsii_name="onCloudTrailImagePushed")
def on_cloud_trail_image_pushed(self, id: str, *, image_tag: typing.Optional[str]=None, target: aws_cdk.aws_events.IRuleTarget, description: typing.Optional[str]=None, event_pattern: typing.Optional[aws_cdk.aws_events.EventPattern]=None, rule_name: typing.Optional[str]=None) -> aws_cdk.aws_events.Rule:
"""Defines an AWS CloudWatch event rule that can trigger a target when an image is pushed to this repository.
Requires that there exists at least one CloudTrail Trail in your account
that captures the event. This method will not create the Trail.
Arguments:
id: The id of the rule.
options: Options for adding the rule.
imageTag: Only watch changes to this image tag. Default: - Watch changes to all tags
target: The target to register for the event.
description: A description of the rule's purpose.
eventPattern: Additional restrictions for the event to route to the specified target. The method that generates the rule probably imposes some type of event filtering. The filtering implied by what you pass here is added on top of that filtering.
ruleName: A name for the rule. Default: AWS CloudFormation generates a unique physical ID.
Stability:
experimental
"""
options: OnCloudTrailImagePushedOptions = {"target": target}
if image_tag is not None:
options["imageTag"] = image_tag
if description is not None:
options["description"] = description
if event_pattern is not None:
options["eventPattern"] = event_pattern
if rule_name is not None:
options["ruleName"] = rule_name
return jsii.invoke(self, "onCloudTrailImagePushed", [id, options])
@jsii.member(jsii_name="repositoryUriForTag")
def repository_uri_for_tag(self, tag: typing.Optional[str]=None) -> str:
"""Returns the URI of the repository for a certain tag. Can be used in ``docker push/pull``.
ACCOUNT.dkr.ecr.REGION.amazonaws.com/REPOSITORY[:TAG]
Arguments:
tag: Image tag to use (tools usually default to "latest" if omitted).
Stability:
experimental
"""
return jsii.invoke(self, "repositoryUriForTag", [tag])
class _IKeyProxy(jsii.proxy_for(aws_cdk.core.IResource)):
"""A KMS Key, either managed by this CDK app, or imported."""
__jsii_type__ = "@aws-cdk/aws-kms.IKey"
@property
@jsii.member(jsii_name="keyArn")
def key_arn(self) -> str:
"""The ARN of the key.
attribute:
:attribute:: true
"""
return jsii.get(self, "keyArn")
@property
@jsii.member(jsii_name="keyId")
def key_id(self) -> str:
"""The ID of the key (the part that looks something like: 1234abcd-12ab-34cd-56ef-1234567890ab).
attribute:
:attribute:: true
"""
return jsii.get(self, "keyId")
@jsii.member(jsii_name="addAlias")
def add_alias(self, alias: str) -> "Alias":
"""Defines a new alias for the key.
:param alias: -
"""
return jsii.invoke(self, "addAlias", [alias])
@jsii.member(jsii_name="addToResourcePolicy")
def add_to_resource_policy(self, statement: aws_cdk.aws_iam.PolicyStatement, allow_no_op: typing.Optional[bool]=None) -> None:
"""Adds a statement to the KMS key resource policy.
:param statement: The policy statement to add.
:param allow_no_op: If this is set to ``false`` and there is no policy defined (i.e. external key), the operation will fail. Otherwise, it will no-op.
"""
return jsii.invoke(self, "addToResourcePolicy", [statement, allow_no_op])
@jsii.member(jsii_name="grant")
def grant(self, grantee: aws_cdk.aws_iam.IGrantable, *actions: str) -> aws_cdk.aws_iam.Grant:
"""Grant the indicated permissions on this key to the given principal.
:param grantee: -
:param actions: -
"""
return jsii.invoke(self, "grant", [grantee, *actions])
@jsii.member(jsii_name="grantDecrypt")
def grant_decrypt(self, grantee: aws_cdk.aws_iam.IGrantable) -> aws_cdk.aws_iam.Grant:
"""Grant decryption permisisons using this key to the given principal.
:param grantee: -
"""
return jsii.invoke(self, "grantDecrypt", [grantee])
@jsii.member(jsii_name="grantEncrypt")
def grant_encrypt(self, grantee: aws_cdk.aws_iam.IGrantable) -> aws_cdk.aws_iam.Grant:
"""Grant encryption permisisons using this key to the given principal.
:param grantee: -
"""
return jsii.invoke(self, "grantEncrypt", [grantee])
@jsii.member(jsii_name="grantEncryptDecrypt")
def grant_encrypt_decrypt(self, grantee: aws_cdk.aws_iam.IGrantable) -> aws_cdk.aws_iam.Grant:
"""Grant encryption and decryption permisisons using this key to the given principal.
:param grantee: -
"""
return jsii.invoke(self, "grantEncryptDecrypt", [grantee])
class _IKeyProxy(jsii.proxy_for(aws_cdk.cdk.IResource)):
"""A KMS Key, either managed by this CDK app, or imported.
Stability:
experimental
"""
__jsii_type__ = "@aws-cdk/aws-kms.IKey"
@property
@jsii.member(jsii_name="keyArn")
def key_arn(self) -> str:
"""The ARN of the key.
Stability:
experimental
attribute:
true
"""
return jsii.get(self, "keyArn")
@jsii.member(jsii_name="addAlias")
def add_alias(self, alias: str) -> "Alias":
"""Defines a new alias for the key.
Arguments:
alias: -
Stability:
experimental
"""
return jsii.invoke(self, "addAlias", [alias])
@jsii.member(jsii_name="addToResourcePolicy")
def add_to_resource_policy(
self,
statement: aws_cdk.aws_iam.PolicyStatement,
allow_no_op: typing.Optional[bool] = None) -> None:
"""Adds a statement to the KMS key resource policy.
Arguments:
statement: The policy statement to add.
allowNoOp: If this is set to ``false`` and there is no policy defined (i.e. external key), the operation will fail. Otherwise, it will no-op.
Stability:
experimental
"""
return jsii.invoke(self, "addToResourcePolicy",
[statement, allow_no_op])
@jsii.member(jsii_name="grant")
def grant(self, grantee: aws_cdk.aws_iam.IGrantable,
*actions: str) -> aws_cdk.aws_iam.Grant:
"""Grant the indicated permissions on this key to the given principal.
Arguments:
grantee: -
actions: -
Stability:
experimental
"""
return jsii.invoke(self, "grant", [grantee, *actions])
@jsii.member(jsii_name="grantDecrypt")
def grant_decrypt(
self,
grantee: aws_cdk.aws_iam.IGrantable) -> aws_cdk.aws_iam.Grant:
"""Grant decryption permisisons using this key to the given principal.
Arguments:
grantee: -
Stability:
experimental
"""
return jsii.invoke(self, "grantDecrypt", [grantee])
@jsii.member(jsii_name="grantEncrypt")
def grant_encrypt(
self,
grantee: aws_cdk.aws_iam.IGrantable) -> aws_cdk.aws_iam.Grant:
"""Grant encryption permisisons using this key to the given principal.
Arguments:
grantee: -
Stability:
experimental
"""
return jsii.invoke(self, "grantEncrypt", [grantee])
@jsii.member(jsii_name="grantEncryptDecrypt")
def grant_encrypt_decrypt(
self,
grantee: aws_cdk.aws_iam.IGrantable) -> aws_cdk.aws_iam.Grant:
"""Grant encryption and decryption permisisons using this key to the given principal.
Arguments:
grantee: -
Stability:
experimental
"""
return jsii.invoke(self, "grantEncryptDecrypt", [grantee])
