@pulumi/aws-native
Version:
The Pulumi AWS Cloud Control Provider enables you to build, deploy, and manage [any AWS resource that's supported by the AWS Cloud Control API](https://github.com/pulumi/pulumi-aws-native/blob/master/provider/cmd/pulumi-gen-aws-native/supported-types.txt)
91 lines (90 loc) • 4.07 kB
TypeScript
import * as pulumi from "@pulumi/pulumi";
import * as enums from "../types/enums";
/**
* Policy Statement defined in AWS Entity Resolution Service
*/
export declare class PolicyStatement extends pulumi.CustomResource {
/**
* Get an existing PolicyStatement resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name: string, id: pulumi.Input<pulumi.ID>, opts?: pulumi.CustomResourceOptions): PolicyStatement;
/**
* Returns true if the given object is an instance of PolicyStatement. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj: any): obj is PolicyStatement;
/**
* The action that the principal can use on the resource.
*
* For example, `entityresolution:GetIdMappingJob` , `entityresolution:GetMatchingJob` .
*/
readonly action: pulumi.Output<string[] | undefined>;
/**
* The Amazon Resource Name (ARN) of the resource that will be accessed by the principal.
*/
readonly arn: pulumi.Output<string>;
/**
* A set of condition keys that you can use in key policies.
*/
readonly condition: pulumi.Output<string | undefined>;
/**
* Determines whether the permissions specified in the policy are to be allowed ( `Allow` ) or denied ( `Deny` ).
*
* > If you set the value of the `effect` parameter to `Deny` for the `AddPolicyStatement` operation, you must also set the value of the `effect` parameter in the `policy` to `Deny` for the `PutPolicy` operation.
*/
readonly effect: pulumi.Output<enums.entityresolution.PolicyStatementStatementEffect | undefined>;
/**
* The AWS service or AWS account that can access the resource defined as ARN.
*/
readonly principal: pulumi.Output<string[] | undefined>;
/**
* A statement identifier that differentiates the statement from others in the same policy.
*/
readonly statementId: pulumi.Output<string>;
/**
* Create a PolicyStatement resource with the given unique name, arguments, and options.
*
* @param name The _unique_ name of the resource.
* @param args The arguments to use to populate this resource's properties.
* @param opts A bag of options that control this resource's behavior.
*/
constructor(name: string, args: PolicyStatementArgs, opts?: pulumi.CustomResourceOptions);
}
/**
* The set of arguments for constructing a PolicyStatement resource.
*/
export interface PolicyStatementArgs {
/**
* The action that the principal can use on the resource.
*
* For example, `entityresolution:GetIdMappingJob` , `entityresolution:GetMatchingJob` .
*/
action?: pulumi.Input<pulumi.Input<string>[]>;
/**
* The Amazon Resource Name (ARN) of the resource that will be accessed by the principal.
*/
arn: pulumi.Input<string>;
/**
* A set of condition keys that you can use in key policies.
*/
condition?: pulumi.Input<string>;
/**
* Determines whether the permissions specified in the policy are to be allowed ( `Allow` ) or denied ( `Deny` ).
*
* > If you set the value of the `effect` parameter to `Deny` for the `AddPolicyStatement` operation, you must also set the value of the `effect` parameter in the `policy` to `Deny` for the `PutPolicy` operation.
*/
effect?: pulumi.Input<enums.entityresolution.PolicyStatementStatementEffect>;
/**
* The AWS service or AWS account that can access the resource defined as ARN.
*/
principal?: pulumi.Input<pulumi.Input<string>[]>;
/**
* A statement identifier that differentiates the statement from others in the same policy.
*/
statementId: pulumi.Input<string>;
}