AWS::Lambda::LayerVersionPermissionCfnLayerVersionPermission
The `AWS::Lambda::LayerVersionPermission` resource adds permissions to the resource-based policy of a version of an [Lambda layer](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html) . Use this action to grant layer usage permission to other accounts. You can grant permission to a single account, all AWS accounts, or all accounts in an organization. > Since the release of the [UpdateReplacePolicy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) both `UpdateReplacePolicy` and `DeletionPolicy` are required to protect your Resources/LayerPermissions from deletion.
Import
import { CfnLayerVersionPermission } from 'aws-cdk-lib/aws-lambda';Or use the module namespace:
import * as lambda from 'aws-cdk-lib/aws-lambda';
// lambda.CfnLayerVersionPermissionProperties
Configuration passed to the constructor as CfnLayerVersionPermissionProps.
actionRequiredstringThe API action that grants access to the layer. For example, `lambda:GetLayerVersion` .
layerVersionArnRequiredstring | ILayerVersionRefThe name or Amazon Resource Name (ARN) of the layer.
principalRequiredstringAn account ID, or `*` to grant layer usage permission to all accounts in an organization, or all AWS accounts (if `organizationId` is not specified). For the last case, make sure that you really do want all AWS accounts to have usage permission to this layer.
organizationIdOptionalstringWith the principal set to `*` , grant permission to all accounts in the specified organization.
CloudFormation Resource
This L1 construct maps directly to the following CloudFormation resource type.
Get the AWS Lambda Cheat Sheet
Everything you need to know about AWS Lambda on one page. HD quality, print-friendly.
Download Free InfographicQuick Facts
aws-lambdaAWS::Lambda::LayerVersionPermission