Skip to content

Commit

Permalink
feat(apigateway): add grantExecute to API Methods (#25630)
Browse files Browse the repository at this point in the history
To grant permission to a user:

```ts
const books = api.root.addResource('books');
books.grantExecute(user);
```


Closes #5198.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
  • Loading branch information
otaviomacedo authored May 19, 2023
1 parent 0643020 commit ecb59fd
Show file tree
Hide file tree
Showing 12 changed files with 863 additions and 0 deletions.
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
{
"version": "31.0.0",
"files": {
"454874b4674a38a5eb7ede0bc79fe77dcbf5062acaeb3b4424c7919758ae5191": {
"source": {
"path": "GrantExecute.template.json",
"packaging": "file"
},
"destinations": {
"current_account-current_region": {
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
"objectKey": "454874b4674a38a5eb7ede0bc79fe77dcbf5062acaeb3b4424c7919758ae5191.json",
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
}
}
}
},
"dockerImages": {}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,179 @@
{
"Resources": {
"user2C2B57AE": {
"Type": "AWS::IAM::User"
},
"userDefaultPolicy083DF682": {
"Type": "AWS::IAM::Policy",
"Properties": {
"PolicyDocument": {
"Statement": [
{
"Action": "execute-api:Invoke",
"Effect": "Allow",
"Resource": {
"Fn::Join": [
"",
[
"arn:",
{
"Ref": "AWS::Partition"
},
":execute-api:",
{
"Ref": "AWS::Region"
},
":",
{
"Ref": "AWS::AccountId"
},
":",
{
"Ref": "testapiD6451F70"
},
"/",
{
"Ref": "testapiDeploymentStageprod5C9E92A4"
},
"/GET/pets"
]
]
}
}
],
"Version": "2012-10-17"
},
"PolicyName": "userDefaultPolicy083DF682",
"Users": [
{
"Ref": "user2C2B57AE"
}
]
}
},
"testapiD6451F70": {
"Type": "AWS::ApiGateway::RestApi",
"Properties": {
"Name": "test-api"
}
},
"testapiDeployment356D2C358af14d7f8fefbad1c57a65ea01cc6136": {
"Type": "AWS::ApiGateway::Deployment",
"Properties": {
"RestApiId": {
"Ref": "testapiD6451F70"
},
"Description": "Automatically created by the RestApi construct"
},
"DependsOn": [
"testapipetsGET25A78130",
"testapipets981F319E"
]
},
"testapiDeploymentStageprod5C9E92A4": {
"Type": "AWS::ApiGateway::Stage",
"Properties": {
"RestApiId": {
"Ref": "testapiD6451F70"
},
"DeploymentId": {
"Ref": "testapiDeployment356D2C358af14d7f8fefbad1c57a65ea01cc6136"
},
"StageName": "prod"
}
},
"testapipets981F319E": {
"Type": "AWS::ApiGateway::Resource",
"Properties": {
"ParentId": {
"Fn::GetAtt": [
"testapiD6451F70",
"RootResourceId"
]
},
"PathPart": "pets",
"RestApiId": {
"Ref": "testapiD6451F70"
}
}
},
"testapipetsGET25A78130": {
"Type": "AWS::ApiGateway::Method",
"Properties": {
"HttpMethod": "GET",
"ResourceId": {
"Ref": "testapipets981F319E"
},
"RestApiId": {
"Ref": "testapiD6451F70"
},
"AuthorizationType": "NONE",
"Integration": {
"Type": "MOCK"
}
}
}
},
"Outputs": {
"testapiEndpoint4AE34D29": {
"Value": {
"Fn::Join": [
"",
[
"https://",
{
"Ref": "testapiD6451F70"
},
".execute-api.",
{
"Ref": "AWS::Region"
},
".",
{
"Ref": "AWS::URLSuffix"
},
"/",
{
"Ref": "testapiDeploymentStageprod5C9E92A4"
},
"/"
]
]
}
}
},
"Parameters": {
"BootstrapVersion": {
"Type": "AWS::SSM::Parameter::Value<String>",
"Default": "/cdk-bootstrap/hnb659fds/version",
"Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
}
},
"Rules": {
"CheckBootstrapVersion": {
"Assertions": [
{
"Assert": {
"Fn::Not": [
{
"Fn::Contains": [
[
"1",
"2",
"3",
"4",
"5"
],
{
"Ref": "BootstrapVersion"
}
]
}
]
},
"AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
}
]
}
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
{
"version": "31.0.0",
"files": {
"21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": {
"source": {
"path": "GrantExecuteTestDefaultTestDeployAssertA66B6F20.template.json",
"packaging": "file"
},
"destinations": {
"current_account-current_region": {
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
"objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json",
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
}
}
}
},
"dockerImages": {}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
{
"Parameters": {
"BootstrapVersion": {
"Type": "AWS::SSM::Parameter::Value<String>",
"Default": "/cdk-bootstrap/hnb659fds/version",
"Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
}
},
"Rules": {
"CheckBootstrapVersion": {
"Assertions": [
{
"Assert": {
"Fn::Not": [
{
"Fn::Contains": [
[
"1",
"2",
"3",
"4",
"5"
],
{
"Ref": "BootstrapVersion"
}
]
}
]
},
"AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
}
]
}
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
{"version":"31.0.0"}
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
{
"version": "31.0.0",
"testCases": {
"GrantExecuteTest/DefaultTest": {
"stacks": [
"GrantExecute"
],
"assertionStack": "GrantExecuteTest/DefaultTest/DeployAssert",
"assertionStackName": "GrantExecuteTestDefaultTestDeployAssertA66B6F20"
}
}
}
Loading

0 comments on commit ecb59fd

Please sign in to comment.