com.amazonaws.services.lambda.model

Class AddPermissionRequest

java.lang.Object

com.amazonaws.AmazonWebServiceRequest

com.amazonaws.services.lambda.model.AddPermissionRequest

All Implemented Interfaces:

ReadLimitInfo, Serializable, Cloneable

public class AddPermissionRequest
extends AmazonWebServiceRequest
implements Serializable, Cloneable

Container for the parameters to the AddPermission operation.

Adds a permission to the access policy associated with the specified AWS Lambda function. In a "push event" model, the access policy attached to the Lambda function grants Amazon S3 or a user application permission for the Lambda lambda:Invoke action. For information about the push model, see AWS Lambda: How it Works . Each Lambda function has one access policy associated with it. You can use the AddPermission API to add a permission to the policy. You have one access policy but it can have multiple permission statements.

This operation requires permission for the lambda:AddPermission action.

See Also:

AWSLambda.addPermission(AddPermissionRequest), Serialized Form

Field Summary

Fields inherited from class com.amazonaws.AmazonWebServiceRequest

NOOP

Constructor Summary

Constructors

Constructor and Description
AddPermissionRequest()

Method Summary

Methods

Modifier and Type	Method and Description
AddPermissionRequest	clone()
boolean	equals(Object obj)
String	getAction() The AWS Lambda action you want to allow in this statement.
String	getFunctionName() Name of the Lambda function whose access policy you are updating by adding a new permission.
String	getPrincipal() The principal who is getting this permission.
String	getSourceAccount() The AWS account ID (without a hyphen) of the source owner.
String	getSourceArn() This is optional; however, when granting Amazon S3 permission to invoke your function, you should specify this field with the bucket Amazon Resource Name (ARN) as its value.
String	getStatementId() A unique statement identifier.
int	hashCode()
void	setAction(String action) The AWS Lambda action you want to allow in this statement.
void	setFunctionName(String functionName) Name of the Lambda function whose access policy you are updating by adding a new permission.
void	setPrincipal(String principal) The principal who is getting this permission.
void	setSourceAccount(String sourceAccount) The AWS account ID (without a hyphen) of the source owner.
void	setSourceArn(String sourceArn) This is optional; however, when granting Amazon S3 permission to invoke your function, you should specify this field with the bucket Amazon Resource Name (ARN) as its value.
void	setStatementId(String statementId) A unique statement identifier.
String	toString() Returns a string representation of this object; useful for testing and debugging.
AddPermissionRequest	withAction(String action) The AWS Lambda action you want to allow in this statement.
AddPermissionRequest	withFunctionName(String functionName) Name of the Lambda function whose access policy you are updating by adding a new permission.
AddPermissionRequest	withPrincipal(String principal) The principal who is getting this permission.
AddPermissionRequest	withSourceAccount(String sourceAccount) The AWS account ID (without a hyphen) of the source owner.
AddPermissionRequest	withSourceArn(String sourceArn) This is optional; however, when granting Amazon S3 permission to invoke your function, you should specify this field with the bucket Amazon Resource Name (ARN) as its value.
AddPermissionRequest	withStatementId(String statementId) A unique statement identifier.

Methods inherited from class com.amazonaws.AmazonWebServiceRequest

copyBaseTo, getCustomRequestHeaders, getGeneralProgressListener, getReadLimit, getRequestClientOptions, getRequestCredentials, getRequestMetricCollector, putCustomRequestHeader, setGeneralProgressListener, setRequestCredentials, setRequestMetricCollector, withGeneralProgressListener, withRequestMetricCollector

Methods inherited from class java.lang.Object

finalize, getClass, notify, notifyAll, wait, wait, wait

Constructor Detail

AddPermissionRequest

public AddPermissionRequest()

Method Detail

getFunctionName

public String getFunctionName()

Name of the Lambda function whose access policy you are updating by adding a new permission.

You can specify an unqualified function name (for example, "Thumbnail") or you can specify Amazon Resource Name (ARN) of the function (for example, "arn:aws:lambda:us-west-2:account-id:function:ThumbNail"). AWS Lambda also allows you to specify only the account ID qualifier (for example, "account-id:Thumbnail"). Note that the length constraint applies only to the ARN. If you specify only the function name, it is limited to 64 character in length.

Constraints:
Length: 1 - 111
Pattern: (arn:aws:lambda:)?([a-z]{2}-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)

Returns:

Name of the Lambda function whose access policy you are updating by adding a new permission.

You can specify an unqualified function name (for example, "Thumbnail") or you can specify Amazon Resource Name (ARN) of the function (for example, "arn:aws:lambda:us-west-2:account-id:function:ThumbNail"). AWS Lambda also allows you to specify only the account ID qualifier (for example, "account-id:Thumbnail"). Note that the length constraint applies only to the ARN. If you specify only the function name, it is limited to 64 character in length.

setFunctionName

public void setFunctionName(String functionName)

Name of the Lambda function whose access policy you are updating by adding a new permission.

You can specify an unqualified function name (for example, "Thumbnail") or you can specify Amazon Resource Name (ARN) of the function (for example, "arn:aws:lambda:us-west-2:account-id:function:ThumbNail"). AWS Lambda also allows you to specify only the account ID qualifier (for example, "account-id:Thumbnail"). Note that the length constraint applies only to the ARN. If you specify only the function name, it is limited to 64 character in length.

Constraints:
Length: 1 - 111
Pattern: (arn:aws:lambda:)?([a-z]{2}-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)

Parameters:

functionName - Name of the Lambda function whose access policy you are updating by adding a new permission.

You can specify an unqualified function name (for example, "Thumbnail") or you can specify Amazon Resource Name (ARN) of the function (for example, "arn:aws:lambda:us-west-2:account-id:function:ThumbNail"). AWS Lambda also allows you to specify only the account ID qualifier (for example, "account-id:Thumbnail"). Note that the length constraint applies only to the ARN. If you specify only the function name, it is limited to 64 character in length.

withFunctionName

public AddPermissionRequest withFunctionName(String functionName)

Name of the Lambda function whose access policy you are updating by adding a new permission.

You can specify an unqualified function name (for example, "Thumbnail") or you can specify Amazon Resource Name (ARN) of the function (for example, "arn:aws:lambda:us-west-2:account-id:function:ThumbNail"). AWS Lambda also allows you to specify only the account ID qualifier (for example, "account-id:Thumbnail"). Note that the length constraint applies only to the ARN. If you specify only the function name, it is limited to 64 character in length.

Returns a reference to this object so that method calls can be chained together.

Constraints:
Length: 1 - 111
Pattern: (arn:aws:lambda:)?([a-z]{2}-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)

Parameters:

functionName - Name of the Lambda function whose access policy you are updating by adding a new permission.

You can specify an unqualified function name (for example, "Thumbnail") or you can specify Amazon Resource Name (ARN) of the function (for example, "arn:aws:lambda:us-west-2:account-id:function:ThumbNail"). AWS Lambda also allows you to specify only the account ID qualifier (for example, "account-id:Thumbnail"). Note that the length constraint applies only to the ARN. If you specify only the function name, it is limited to 64 character in length.

Returns:

A reference to this updated object so that method calls can be chained together.

getStatementId

public String getStatementId()

A unique statement identifier.

Constraints:
Length: 1 - 100
Pattern: ([a-zA-Z0-9-_]+)

Returns:

A unique statement identifier.

setStatementId

public void setStatementId(String statementId)

A unique statement identifier.

Constraints:
Length: 1 - 100
Pattern: ([a-zA-Z0-9-_]+)

Parameters:

statementId - A unique statement identifier.

withStatementId

public AddPermissionRequest withStatementId(String statementId)

A unique statement identifier.

Returns a reference to this object so that method calls can be chained together.

Constraints:
Length: 1 - 100
Pattern: ([a-zA-Z0-9-_]+)

Parameters:

statementId - A unique statement identifier.

Returns:

A reference to this updated object so that method calls can be chained together.

getAction

public String getAction()

The AWS Lambda action you want to allow in this statement. Each Lambda action is a string starting with "lambda:" followed by the API name (see Operations). For example, "lambda:CreateFunction". You can use wildcard ("lambda:*") to grant permission for all AWS Lambda actions.

Constraints:
Pattern: (lambda:[*]|lambda:[a-zA-Z]+|[*])

Returns:

The AWS Lambda action you want to allow in this statement. Each Lambda action is a string starting with "lambda:" followed by the API name (see Operations). For example, "lambda:CreateFunction". You can use wildcard ("lambda:*") to grant permission for all AWS Lambda actions.

setAction

public void setAction(String action)

The AWS Lambda action you want to allow in this statement. Each Lambda action is a string starting with "lambda:" followed by the API name (see Operations). For example, "lambda:CreateFunction". You can use wildcard ("lambda:*") to grant permission for all AWS Lambda actions.

Constraints:
Pattern: (lambda:[*]|lambda:[a-zA-Z]+|[*])

Parameters:

action - The AWS Lambda action you want to allow in this statement. Each Lambda action is a string starting with "lambda:" followed by the API name (see Operations). For example, "lambda:CreateFunction". You can use wildcard ("lambda:*") to grant permission for all AWS Lambda actions.

withAction

public AddPermissionRequest withAction(String action)

The AWS Lambda action you want to allow in this statement. Each Lambda action is a string starting with "lambda:" followed by the API name (see Operations). For example, "lambda:CreateFunction". You can use wildcard ("lambda:*") to grant permission for all AWS Lambda actions.

Returns a reference to this object so that method calls can be chained together.

Constraints:
Pattern: (lambda:[*]|lambda:[a-zA-Z]+|[*])

Parameters:

action - The AWS Lambda action you want to allow in this statement. Each Lambda action is a string starting with "lambda:" followed by the API name (see Operations). For example, "lambda:CreateFunction". You can use wildcard ("lambda:*") to grant permission for all AWS Lambda actions.

Returns:

A reference to this updated object so that method calls can be chained together.

getPrincipal

public String getPrincipal()

The principal who is getting this permission. It can be Amazon S3 service Principal ("s3.amazonaws.com") if you want Amazon S3 to invoke the function, an AWS account ID if you are granting cross-account permission, or any valid AWS service principal such as "sns.amazonaws.com". For example, you might want to allow a custom application in another AWS account to push events to AWS Lambda by invoking your function.

Constraints:
Pattern: .*

Returns:

The principal who is getting this permission. It can be Amazon S3 service Principal ("s3.amazonaws.com") if you want Amazon S3 to invoke the function, an AWS account ID if you are granting cross-account permission, or any valid AWS service principal such as "sns.amazonaws.com". For example, you might want to allow a custom application in another AWS account to push events to AWS Lambda by invoking your function.

setPrincipal

public void setPrincipal(String principal)

The principal who is getting this permission. It can be Amazon S3 service Principal ("s3.amazonaws.com") if you want Amazon S3 to invoke the function, an AWS account ID if you are granting cross-account permission, or any valid AWS service principal such as "sns.amazonaws.com". For example, you might want to allow a custom application in another AWS account to push events to AWS Lambda by invoking your function.

Constraints:
Pattern: .*

Parameters:

principal - The principal who is getting this permission. It can be Amazon S3 service Principal ("s3.amazonaws.com") if you want Amazon S3 to invoke the function, an AWS account ID if you are granting cross-account permission, or any valid AWS service principal such as "sns.amazonaws.com". For example, you might want to allow a custom application in another AWS account to push events to AWS Lambda by invoking your function.

withPrincipal

public AddPermissionRequest withPrincipal(String principal)

The principal who is getting this permission. It can be Amazon S3 service Principal ("s3.amazonaws.com") if you want Amazon S3 to invoke the function, an AWS account ID if you are granting cross-account permission, or any valid AWS service principal such as "sns.amazonaws.com". For example, you might want to allow a custom application in another AWS account to push events to AWS Lambda by invoking your function.

Returns a reference to this object so that method calls can be chained together.

Constraints:
Pattern: .*

Parameters:

principal - The principal who is getting this permission. It can be Amazon S3 service Principal ("s3.amazonaws.com") if you want Amazon S3 to invoke the function, an AWS account ID if you are granting cross-account permission, or any valid AWS service principal such as "sns.amazonaws.com". For example, you might want to allow a custom application in another AWS account to push events to AWS Lambda by invoking your function.

Returns:

A reference to this updated object so that method calls can be chained together.

getSourceArn

public String getSourceArn()

This is optional; however, when granting Amazon S3 permission to invoke your function, you should specify this field with the bucket Amazon Resource Name (ARN) as its value. This ensures that only events generated from the specified bucket can invoke the function. If you add a permission for the Amazon S3 principal without providing the source ARN, any AWS account that creates a mapping to your function ARN can send events to invoke your Lambda function from Amazon S3.

Constraints:
Pattern: arn:aws:([a-zA-Z0-9\-])+:([a-z]{2}-[a-z]+-\d{1})?:(\d{12})?:(.*)

Returns:

This is optional; however, when granting Amazon S3 permission to invoke your function, you should specify this field with the bucket Amazon Resource Name (ARN) as its value. This ensures that only events generated from the specified bucket can invoke the function. If you add a permission for the Amazon S3 principal without providing the source ARN, any AWS account that creates a mapping to your function ARN can send events to invoke your Lambda function from Amazon S3.

setSourceArn

public void setSourceArn(String sourceArn)

This is optional; however, when granting Amazon S3 permission to invoke your function, you should specify this field with the bucket Amazon Resource Name (ARN) as its value. This ensures that only events generated from the specified bucket can invoke the function. If you add a permission for the Amazon S3 principal without providing the source ARN, any AWS account that creates a mapping to your function ARN can send events to invoke your Lambda function from Amazon S3.

Constraints:
Pattern: arn:aws:([a-zA-Z0-9\-])+:([a-z]{2}-[a-z]+-\d{1})?:(\d{12})?:(.*)

Parameters:

sourceArn - This is optional; however, when granting Amazon S3 permission to invoke your function, you should specify this field with the bucket Amazon Resource Name (ARN) as its value. This ensures that only events generated from the specified bucket can invoke the function. If you add a permission for the Amazon S3 principal without providing the source ARN, any AWS account that creates a mapping to your function ARN can send events to invoke your Lambda function from Amazon S3.

withSourceArn

public AddPermissionRequest withSourceArn(String sourceArn)

This is optional; however, when granting Amazon S3 permission to invoke your function, you should specify this field with the bucket Amazon Resource Name (ARN) as its value. This ensures that only events generated from the specified bucket can invoke the function. If you add a permission for the Amazon S3 principal without providing the source ARN, any AWS account that creates a mapping to your function ARN can send events to invoke your Lambda function from Amazon S3.

Returns a reference to this object so that method calls can be chained together.

Constraints:
Pattern: arn:aws:([a-zA-Z0-9\-])+:([a-z]{2}-[a-z]+-\d{1})?:(\d{12})?:(.*)

Parameters:

sourceArn - This is optional; however, when granting Amazon S3 permission to invoke your function, you should specify this field with the bucket Amazon Resource Name (ARN) as its value. This ensures that only events generated from the specified bucket can invoke the function. If you add a permission for the Amazon S3 principal without providing the source ARN, any AWS account that creates a mapping to your function ARN can send events to invoke your Lambda function from Amazon S3.

Returns:

A reference to this updated object so that method calls can be chained together.

getSourceAccount

public String getSourceAccount()

The AWS account ID (without a hyphen) of the source owner. If the SourceArn identifies a bucket, then this is the bucket owner's account ID. You can use this additional condition to ensure the bucket you specify is owned by a specific account (it is possible the bucket owner deleted the bucket and some other AWS account created the bucket). You can also use this condition to specify all sources (that is, you don't specify the SourceArn) owned by a specific account.

Constraints:
Pattern: \d{12}

Returns:

The AWS account ID (without a hyphen) of the source owner. If the SourceArn identifies a bucket, then this is the bucket owner's account ID. You can use this additional condition to ensure the bucket you specify is owned by a specific account (it is possible the bucket owner deleted the bucket and some other AWS account created the bucket). You can also use this condition to specify all sources (that is, you don't specify the SourceArn) owned by a specific account.

setSourceAccount

public void setSourceAccount(String sourceAccount)

The AWS account ID (without a hyphen) of the source owner. If the SourceArn identifies a bucket, then this is the bucket owner's account ID. You can use this additional condition to ensure the bucket you specify is owned by a specific account (it is possible the bucket owner deleted the bucket and some other AWS account created the bucket). You can also use this condition to specify all sources (that is, you don't specify the SourceArn) owned by a specific account.

Constraints:
Pattern: \d{12}

Parameters:

sourceAccount - The AWS account ID (without a hyphen) of the source owner. If the SourceArn identifies a bucket, then this is the bucket owner's account ID. You can use this additional condition to ensure the bucket you specify is owned by a specific account (it is possible the bucket owner deleted the bucket and some other AWS account created the bucket). You can also use this condition to specify all sources (that is, you don't specify the SourceArn) owned by a specific account.

withSourceAccount

public AddPermissionRequest withSourceAccount(String sourceAccount)

The AWS account ID (without a hyphen) of the source owner. If the SourceArn identifies a bucket, then this is the bucket owner's account ID. You can use this additional condition to ensure the bucket you specify is owned by a specific account (it is possible the bucket owner deleted the bucket and some other AWS account created the bucket). You can also use this condition to specify all sources (that is, you don't specify the SourceArn) owned by a specific account.

Returns a reference to this object so that method calls can be chained together.

Constraints:
Pattern: \d{12}

Parameters:

sourceAccount - The AWS account ID (without a hyphen) of the source owner. If the SourceArn identifies a bucket, then this is the bucket owner's account ID. You can use this additional condition to ensure the bucket you specify is owned by a specific account (it is possible the bucket owner deleted the bucket and some other AWS account created the bucket). You can also use this condition to specify all sources (that is, you don't specify the SourceArn) owned by a specific account.

Returns:

A reference to this updated object so that method calls can be chained together.

toString

public String toString()

Returns a string representation of this object; useful for testing and debugging.

Overrides:

toString in class Object

Returns:

A string representation of this object.

See Also:

Object.toString()

hashCode

public int hashCode()

Overrides:

hashCode in class Object

equals

public boolean equals(Object obj)

Overrides:

equals in class Object

clone

public AddPermissionRequest clone()

Overrides:

clone in class AmazonWebServiceRequest