@@ -3,6 +3,7 @@ import { IConstruct } from 'constructs';
3
3
import { NodejsFunction } from 'aws-cdk-lib/aws-lambda-nodejs' ;
4
4
import { Table } from 'aws-cdk-lib/aws-dynamodb' ;
5
5
import { Secret } from 'aws-cdk-lib/aws-secretsmanager' ;
6
+ import { StringParameter } from 'aws-cdk-lib/aws-ssm' ;
6
7
7
8
/**
8
9
* An aspect that grants access to resources to a Lambda function.
@@ -19,9 +20,9 @@ import { Secret } from 'aws-cdk-lib/aws-secretsmanager';
19
20
* @see {@link https://docs.aws.amazon.com/cdk/v2/guide/aspects.html|CDK Docs - Aspects }
20
21
*/
21
22
export class ResourceAccessGranter implements IAspect {
22
- private readonly resources : Table [ ] | Secret [ ] ;
23
+ private readonly resources : Table [ ] | Secret [ ] | StringParameter [ ] ;
23
24
24
- public constructor ( resources : Table [ ] | Secret [ ] ) {
25
+ public constructor ( resources : Table [ ] | Secret [ ] | StringParameter [ ] ) {
25
26
this . resources = resources ;
26
27
}
27
28
@@ -30,11 +31,14 @@ export class ResourceAccessGranter implements IAspect {
30
31
if ( node instanceof NodejsFunction ) {
31
32
32
33
// Grant access to the resources
33
- this . resources . forEach ( ( resource : Table | Secret ) => {
34
+ this . resources . forEach ( ( resource : Table | Secret | StringParameter ) => {
34
35
35
36
if ( resource instanceof Table ) {
36
37
resource . grantReadData ( node ) ;
37
- } else if ( resource instanceof Secret ) {
38
+ } else if (
39
+ resource instanceof Secret ||
40
+ resource instanceof StringParameter
41
+ ) {
38
42
resource . grantRead ( node ) ;
39
43
}
40
44
0 commit comments