How to use where clause in Knex
Create refunds with Stripe
Load HTML with Cheerio
How to send POST request with Axios
Find intersection of array in Lodash
Powered by Official white Bloop logo with a period

Terms / Privacy / Search / Support

  • // provide permissions to describe the user pool scoped to the ARN the user pool
    postAuthFn.role?.attachInlinePolicy(new iam.Policy(this, 'userpool-policy', {
      statements: [new iam.PolicyStatement({
        actions: ['cognito-idp:DescribeUserPool'],
        resources: [userpool.userPoolArn],
      })],
    }));
    
    Docs
    0
  • const policyDocument = {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Sid": "FirstStatement",
          "Effect": "Allow",
          "Action": ["iam:ChangePassword"],
          "Resource": "*"
        },
        {
          "Sid": "SecondStatement",
          "Effect": "Allow",
          "Action": "s3:ListAllMyBuckets",
          "Resource": "*"
        },
        {
          "Sid": "ThirdStatement",
          "Effect": "Allow",
          "Action": [
            "s3:List*",
            "s3:Get*"
          ],
          "Resource": [
            "arn:aws:s3:::confidential-data",
            "arn:aws:s3:::confidential-data/*"
          ],
          "Condition": {"Bool": {"aws:MultiFactorAuthPresent": "true"}}
        }
      ]
    };
    
    const customPolicyDocument = iam.PolicyDocument.fromJson(policyDocument);
    
    // You can pass this document as an initial document to a ManagedPolicy
    // or inline Policy.
    const newManagedPolicy = new iam.ManagedPolicy(this, 'MyNewManagedPolicy', {
      document: customPolicyDocument,
    });
    const newPolicy = new iam.Policy(this, 'MyNewPolicy', {
      document: customPolicyDocument,
    });
    
    Docs
    0
  • declare const books: apigateway.Resource;
    declare const iamUser: iam.User;
    
    const getBooks = books.addMethod('GET', new apigateway.HttpIntegration('http://amazon.com'), {
      authorizationType: apigateway.AuthorizationType.IAM
    });
    
    iamUser.attachInlinePolicy(new iam.Policy(this, 'AllowBooks', {
      statements: [
        new iam.PolicyStatement({
          actions: [ 'execute-api:Invoke' ],
          effect: iam.Effect.ALLOW,
          resources: [ getBooks.methodArn ]
        })
      ]
    }))
    
    Docs
    0
  • // This imports an existing policy.
    const boundary = iam.ManagedPolicy.fromManagedPolicyArn(this, 'Boundary', 'arn:aws:iam::123456789012:policy/boundary');
    
    // This creates a new boundary
    const boundary2 = new iam.ManagedPolicy(this, 'Boundary2', {
      statements: [
        new iam.PolicyStatement({
          effect: iam.Effect.DENY,
          actions: ['iam:*'],
          resources: ['*'],
        }),
      ],
    });
    
    // Directly apply the boundary to a Role you create
    declare const role: iam.Role;
    iam.PermissionsBoundary.of(role).apply(boundary);
    
    // Apply the boundary to an Role that was implicitly created for you
    declare const fn: lambda.Function;
    iam.PermissionsBoundary.of(fn).apply(boundary);
    
    // Apply the boundary to all Roles in a stack
    iam.PermissionsBoundary.of(this).apply(boundary);
    
    // Remove a Permissions Boundary that is inherited, for example from the Stack level
    declare const customResource: CustomResource;
    iam.PermissionsBoundary.of(customResource).clear();
    
    Docs
    0
  • const bucket = s3.Bucket.fromBucketName(this, 'existingBucket', 'bucket-name');
    
    // No policy statement will be added to the resource
    const result = bucket.addToResourcePolicy(new iam.PolicyStatement({
      actions: ['s3:GetObject'],
      resources: [bucket.arnForObjects('file.txt')],
      principals: [new iam.AccountRootPrincipal()],
    }));
    
    Docs
    1
  • new pipelines.CodePipeline(this, 'Pipeline', {
      synth: new pipelines.CodeBuildStep('Synth', {
        input: pipelines.CodePipelineSource.connection('my-org/my-app', 'main', {
          connectionArn: 'arn:aws:codestar-connections:us-east-1:222222222222:connection/7d2469ff-514a-4e4f-9003-5ca4a43cdc41', // Created using the AWS console * });',
        }),
        commands: [
          // Commands to load cdk.context.json from somewhere here
          '...',
          'npm ci',
          'npm run build',
          'npx cdk synth',
          // Commands to store cdk.context.json back here
          '...',
        ],
        rolePolicyStatements: [
          new iam.PolicyStatement({
            actions: ['sts:AssumeRole'],
            resources: ['*'],
            conditions: {
              StringEquals: {
                'iam:ResourceTag/aws-cdk:bootstrap-role': 'lookup',
              },
            },
          }),
        ],
      }),
    });
    
    Docs
    0
  • declare const vpc: ec2.Vpc;
    declare const mySecurityGroup: ec2.SecurityGroup;
    new pipelines.CodeBuildStep('Synth', {
      // ...standard ShellStep props...
      commands: [/* ... */],
      env: { /* ... */ },
    
      // If you are using a CodeBuildStep explicitly, set the 'cdk.out' directory
      // to be the synth step's output.
      primaryOutputDirectory: 'cdk.out',
    
      // Control the name of the project
      projectName: 'MyProject',
    
      // Control parts of the BuildSpec other than the regular 'build' and 'install' commands
      partialBuildSpec: codebuild.BuildSpec.fromObject({
        version: '0.2',
        // ...
      }),
    
      // Control the build environment
      buildEnvironment: {
        computeType: codebuild.ComputeType.LARGE,
      },
    
      // Control Elastic Network Interface creation
      vpc: vpc,
      subnetSelection: { subnetType: ec2.SubnetType.PRIVATE },
      securityGroups: [mySecurityGroup],
    
      // Additional policy statements for the execution role
      rolePolicyStatements: [
        new iam.PolicyStatement({ /* ... */ }),
      ],
    });
    
    Docs
    0
  • new lambda.Function(this, 'OnEventHandler', {
      // ...
      initialPolicy: [
        new iam.PolicyStatement({ actions: [ 's3:GetObject*' ], resources: [ '*' ] })
      ]
    });
    
    Docs
    0
  • // provide permissions to describe the user pool scoped to the ARN the user pool
    postAuthFn.role?.attachInlinePolicy(new iam.Policy(this, 'userpool-policy', {
      statements: [new iam.PolicyStatement({
        actions: ['cognito-idp:DescribeUserPool'],
        resources: [userpool.userPoolArn],
      })],
    }));
    
    Docs
    0
  • // The code below shows an example of how to instantiate this type.
    // The values are placeholders you should change.
    import * as iam from '@aws-cdk/aws-iam';
    
    declare const policyDocument: any;
    
    const cfnPolicy = new iam.CfnPolicy(this, 'MyCfnPolicy', {
      policyDocument: policyDocument,
      policyName: 'policyName',
    
      // the properties below are optional
      groups: ['groups'],
      roles: ['roles'],
      users: ['users'],
    });
    
    Docs
    0
  • async function main() {
      const auth = new GoogleAuth({
        scopes: 'https://www.googleapis.com/auth/cloud-platform'
      });
      const client = await auth.getClient();
      const projectId = await auth.getProjectId();
      // List all buckets in a project.
      const url = `https://storage.googleapis.com/storage/v1/b?project=${projectId}`;
      const res = await client.request({ url });
      console.log(res.data);
    }
    <pre class="typing-tooltip"><code data-language="javascript" class="language-javascript"><span class="token keyword">function</span> <span class="token function">main</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token operator">:</span> <span class="token builtin">Promise</span><span class="token operator">&lt;</span><span class="token keyword">void</span><span class="token operator">></span></code></pre>
    Docs
    0
  • const {GoogleAuth} = require('google-auth-library');
    
    /**
    * Instead of specifying the type of client you'd like to use (JWT, OAuth2, etc)
    * this library will automatically choose the right client based on the environment.
    */
    async function main() {
      const auth = new GoogleAuth({
        scopes: 'https://www.googleapis.com/auth/cloud-platform'
      });
      const client = await auth.getClient();
      const projectId = await auth.getProjectId();
      const url = `https://dns.googleapis.com/dns/v1/projects/${projectId}`;
      const res = await client.request({ url });
      console.log(res.data);
    }
    
    main().catch(console.error);
    <pre class="typing-tooltip"><code data-language="javascript" class="language-javascript"><span class="token punctuation">(</span>alias<span class="token punctuation">)</span> <span class="token keyword">class</span> <span class="token class-name">GoogleAuth</span> <span class="token keyword">import</span> GoogleAuth</code></pre>
    Docs
    0
  • Powered by Official black Bloop logo with a period
    download the IDE extension

    View other examples