Skip to main content

Class: Permission

Defined in: packages/depot-cdk/src/stage-depot-dataset-permission.ts:37

Helper class to create DepotPermission objects.

Constructors

Constructor

new Permission(): Permission

Returns

Permission

Methods

anonymous()

static anonymous(): DepotPermission

Defined in: packages/depot-cdk/src/stage-depot-dataset-permission.ts:39

Permission to allow any user to access the resource.

Returns

DepotPermission


authenticated()

static authenticated(): DepotPermission

Defined in: packages/depot-cdk/src/stage-depot-dataset-permission.ts:47

Permission to allow only authenticated users to access the resource.

Returns

DepotPermission


callerWithAnyOfClaims()

static callerWithAnyOfClaims(claim, ...values): DepotPermission

Defined in: packages/depot-cdk/src/stage-depot-dataset-permission.ts:68

Permission to allow only callers with at least one of the specified claims to access the resource.

Parameters

claim

string

values

...string[]

Returns

DepotPermission


callerWithAnyOfPassRoles()

static callerWithAnyOfPassRoles(...roleNames): DepotPermission

Defined in: packages/depot-cdk/src/stage-depot-dataset-permission.ts:88

Permission to allow only callers with at least one of the specified Pass role memberships to access the resource.

Parameters

roleNames

...string[]

Returns

DepotPermission


callerWithClaim()

static callerWithClaim(claim, value): DepotPermission

Defined in: packages/depot-cdk/src/stage-depot-dataset-permission.ts:63

Permission to allow only callers with the specified claim to access the resource.

Parameters

claim

string

value

string

Returns

DepotPermission


callerWithCognitoGroup()

static callerWithCognitoGroup(groupName): DepotPermission

Defined in: packages/depot-cdk/src/stage-depot-dataset-permission.ts:95

Permission to allow only callers with the specified Cognito group membership to access the resource.

Parameters

groupName

string

Returns

DepotPermission

Deprecated

Use callerWithPassRole instead.


callerWithPassRole()

static callerWithPassRole(roleName): DepotPermission

Defined in: packages/depot-cdk/src/stage-depot-dataset-permission.ts:83

Permission to allow only callers with the specified Pass role membership to access the resource.

Parameters

roleName

string

Returns

DepotPermission


none()

static none(): DepotPermission

Defined in: packages/depot-cdk/src/stage-depot-dataset-permission.ts:55

Permission to disallow API access for any user, anonymous or not.

Returns

DepotPermission


withExpression()

static withExpression(expression): DepotPermission

Defined in: packages/depot-cdk/src/stage-depot-dataset-permission.ts:75

Permission to allow access only if the expression evaluates to true.

Parameters

expression

string

Returns

DepotPermission