Skip to content

Resource: awsCodeartifactDomainPermissionsPolicy

Provides a CodeArtifact Domains Permissions Policy Resource.

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const awsKmsKeyExample = new aws.kmsKey.KmsKey(this, "example", {
  description: "domain key",
});
const awsCodeartifactDomainExample =
  new aws.codeartifactDomain.CodeartifactDomain(this, "example_1", {
    domain: "example",
    encryptionKey: awsKmsKeyExample.arn,
  });
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsCodeartifactDomainExample.overrideLogicalId("example");
const dataAwsIamPolicyDocumentTest =
  new aws.dataAwsIamPolicyDocument.DataAwsIamPolicyDocument(this, "test", {
    statement: [
      {
        actions: ["codeartifact:CreateRepository"],
        effect: "Allow",
        principals: [
          {
            identifiers: ["*"],
            type: "*",
          },
        ],
        resources: [awsCodeartifactDomainExample.arn],
      },
    ],
  });
const awsCodeartifactDomainPermissionsPolicyTest =
  new aws.codeartifactDomainPermissionsPolicy.CodeartifactDomainPermissionsPolicy(
    this,
    "test_3",
    {
      domain: awsCodeartifactDomainExample.domain,
      policyDocument: dataAwsIamPolicyDocumentTest.json,
    }
  );
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsCodeartifactDomainPermissionsPolicyTest.overrideLogicalId("test");

Argument Reference

The following arguments are supported:

  • domain - (Required) The name of the domain on which to set the resource policy.
  • policyDocument - (Required) A JSON policy string to be set as the access control resource policy on the provided domain.
  • domainOwner - (Optional) The account number of the AWS account that owns the domain.
  • policyRevision - (Optional) The current revision of the resource policy to be set. This revision is used for optimistic locking, which prevents others from overwriting your changes to the domain's resource policy.

Attributes Reference

In addition to all arguments above, the following attributes are exported:

  • id - The Name of Domain.
  • resourceArn - The ARN of the resource associated with the resource policy.

Import

CodeArtifact Domain Permissions Policies can be imported using the CodeArtifact Domain ARN, e.g.,

$ terraform import aws_codeartifact_domain_permissions_policy.example arn:aws:codeartifact:us-west-2:012345678912:domain/tf-acc-test-1928056699409417367