UNPKG

aws-iam-policy-types

Version:

Autogenerated Typescript types for AWS IAM Policy and enums for all policy actions

github.com/jurooravec/aws-iam-policy-types

jurooravec/aws-iam-policy-types

564 lines • 25.3 kB

JavaScript

// AUTOGENERATED FILE - DO NOT EDIT /** * All IAM policy actions for AWS Directory Service (DS) * * Extracted by `aws-iam-policy` from * https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsdirectoryservice.html * * 2025-02-24T21:47:38.408Z */ export var AwsDsActions; (function (AwsDsActions) { /** * Grants permission to accept a directory sharing request that was sent from the * directory owner account * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_AcceptSharedDirectory.html */ AwsDsActions["AcceptSharedDirectory"] = "ds:AcceptSharedDirectory"; /** * Grants permission to access directory data using the Directory Service Data API * * See https://docs.aws.amazon.com/directoryservice/latest/admin-guide/UsingWithDS_IAM_ResourcePermissions.html */ AwsDsActions["AccessDSData"] = "ds:AccessDSData"; /** * Grants permission to add a CIDR address block to correctly route traffic to and * from your Microsoft AD on Amazon Web Services * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_AddIpRoutes.html */ AwsDsActions["AddIpRoutes"] = "ds:AddIpRoutes"; /** * Grants permission to add two domain controllers in the specified Region for the * specified directory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_AddRegion.html */ AwsDsActions["AddRegion"] = "ds:AddRegion"; /** * Grants permission to add or overwrite one or more tags for the specified Amazon * Directory Services directory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_AddTagsToResource.html */ AwsDsActions["AddTagsToResource"] = "ds:AddTagsToResource"; /** * Grants permission to authorize an application for your AWS Directory * * See https://docs.aws.amazon.com/directoryservice/latest/admin-guide/UsingWithDS_IAM_ResourcePermissions.html */ AwsDsActions["AuthorizeApplication"] = "ds:AuthorizeApplication"; /** * Grants permission to cancel an in-progress schema extension to a Microsoft AD d * irectory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CancelSchemaExtension.html */ AwsDsActions["CancelSchemaExtension"] = "ds:CancelSchemaExtension"; /** * Grants permission to verify that the alias is available for use * * See https://docs.aws.amazon.com/directoryservice/latest/admin-guide/UsingWithDS_IAM_ResourcePermissions.html */ AwsDsActions["CheckAlias"] = "ds:CheckAlias"; /** * Grants permission to create an AD Connector to connect to an on-premises direct * ory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ConnectDirectory.html */ AwsDsActions["ConnectDirectory"] = "ds:ConnectDirectory"; /** * Grants permission to create an alias for a directory and assigns the alias to t * he directory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateAlias.html */ AwsDsActions["CreateAlias"] = "ds:CreateAlias"; /** * Grants permission to create a computer account in the specified directory, and * joins the computer to the directory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateComputer.html */ AwsDsActions["CreateComputer"] = "ds:CreateComputer"; /** * Grants permission to create a conditional forwarder associated with your AWS di * rectory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateConditionalForwarder.html */ AwsDsActions["CreateConditionalForwarder"] = "ds:CreateConditionalForwarder"; /** * Grants permission to create a Simple AD directory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateDirectory.html */ AwsDsActions["CreateDirectory"] = "ds:CreateDirectory"; /** * Grants permission to create an IdentityPool Directory in the AWS cloud * * See https://docs.aws.amazon.com/directoryservice/latest/admin-guide/UsingWithDS_IAM_ResourcePermissions.html */ AwsDsActions["CreateIdentityPoolDirectory"] = "ds:CreateIdentityPoolDirectory"; /** * Grants permission to create a subscription to forward real time Directory Servi * ce domain controller security logs to the specified CloudWatch log group in you * r AWS account * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateLogSubscription.html */ AwsDsActions["CreateLogSubscription"] = "ds:CreateLogSubscription"; /** * Grants permission to create a Microsoft AD in the AWS cloud * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateMicrosoftAD.html */ AwsDsActions["CreateMicrosoftAD"] = "ds:CreateMicrosoftAD"; /** * Grants permission to create a snapshot of a Simple AD or Microsoft AD directory * in the AWS cloud * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateSnapshot.html */ AwsDsActions["CreateSnapshot"] = "ds:CreateSnapshot"; /** * Grants permission to initiate the creation of the AWS side of a trust relations * hip between a Microsoft AD in the AWS cloud and an external domain * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateTrust.html */ AwsDsActions["CreateTrust"] = "ds:CreateTrust"; /** * Grants permission to delete a conditional forwarder that has been set up for yo * ur AWS directory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DeleteConditionalForwarder.html */ AwsDsActions["DeleteConditionalForwarder"] = "ds:DeleteConditionalForwarder"; /** * Grants permission to delete an AWS Directory Service directory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DeleteDirectory.html */ AwsDsActions["DeleteDirectory"] = "ds:DeleteDirectory"; /** * Grants permission to delete the specified log subscription * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DeleteLogSubscription.html */ AwsDsActions["DeleteLogSubscription"] = "ds:DeleteLogSubscription"; /** * Grants permission to delete a directory snapshot * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DeleteSnapshot.html */ AwsDsActions["DeleteSnapshot"] = "ds:DeleteSnapshot"; /** * Grants permission to delete an existing trust relationship between your Microso * ft AD in the AWS cloud and an external domain * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DeleteTrust.html */ AwsDsActions["DeleteTrust"] = "ds:DeleteTrust"; /** * Grants permission to delete from the system the certificate that was registered * for a secured LDAP connection * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DeregisterCertificate.html */ AwsDsActions["DeregisterCertificate"] = "ds:DeregisterCertificate"; /** * Grants permission to remove the specified directory as a publisher to the speci * fied SNS topic * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DeregisterEventTopic.html */ AwsDsActions["DeregisterEventTopic"] = "ds:DeregisterEventTopic"; /** * Grants permission to display information about the certificate registered for a * secured LDAP connection * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeCertificate.html */ AwsDsActions["DescribeCertificate"] = "ds:DescribeCertificate"; /** * Grants permission to retrieve information about the type of client authenticati * on for the specified directory, if the type is specified. If no type is specifi * ed, information about all client authentication types that are supported for th * e specified directory is retrieved. Currently, only SmartCard is supported * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeClientAuthenticationSettings.html */ AwsDsActions["DescribeClientAuthenticationSettings"] = "ds:DescribeClientAuthenticationSettings"; /** * Grants permission to obtain information about the conditional forwarders for th * is account * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeConditionalForwarders.html */ AwsDsActions["DescribeConditionalForwarders"] = "ds:DescribeConditionalForwarders"; /** * Grants permission to obtain information about the directories that belong to th * is account * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeDirectories.html */ AwsDsActions["DescribeDirectories"] = "ds:DescribeDirectories"; /** * Grants permission to describe the Directory Service Data API status for the spe * cified directory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeDirectoryDataAccess.html */ AwsDsActions["DescribeDirectoryDataAccess"] = "ds:DescribeDirectoryDataAccess"; /** * Grants permission to provide information about any domain controllers in your d * irectory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeDomainControllers.html */ AwsDsActions["DescribeDomainControllers"] = "ds:DescribeDomainControllers"; /** * Grants permission to obtain information about which SNS topics receive status m * essages from the specified directory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeEventTopics.html */ AwsDsActions["DescribeEventTopics"] = "ds:DescribeEventTopics"; /** * Grants permission to describe the status of LDAP security for the specified dir * ectory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeLDAPSSettings.html */ AwsDsActions["DescribeLDAPSSettings"] = "ds:DescribeLDAPSSettings"; /** * Grants permission to provide information about the Regions that are configured * for multi-Region replication * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeRegions.html */ AwsDsActions["DescribeRegions"] = "ds:DescribeRegions"; /** * Grants permission to retrieve information about the configurable settings for t * he specified directory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeSettings.html */ AwsDsActions["DescribeSettings"] = "ds:DescribeSettings"; /** * Grants permission to return the shared directories in your account * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeSharedDirectories.html */ AwsDsActions["DescribeSharedDirectories"] = "ds:DescribeSharedDirectories"; /** * Grants permission to obtain information about the directory snapshots that belo * ng to this account * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeSnapshots.html */ AwsDsActions["DescribeSnapshots"] = "ds:DescribeSnapshots"; /** * Grants permission to obtain information about the trust relationships for this * account * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeTrusts.html */ AwsDsActions["DescribeTrusts"] = "ds:DescribeTrusts"; /** * Grants permission to describe the updates of a directory for a particular updat * e type * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeUpdateDirectory.html */ AwsDsActions["DescribeUpdateDirectory"] = "ds:DescribeUpdateDirectory"; /** * Grants permission to disable alternative client authentication methods for the * specified directory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DisableClientAuthentication.html */ AwsDsActions["DisableClientAuthentication"] = "ds:DisableClientAuthentication"; /** * Grants permission to disable the Directory Service Data API for the specified d * irectory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DisableDirectoryDataAccess.html */ AwsDsActions["DisableDirectoryDataAccess"] = "ds:DisableDirectoryDataAccess"; /** * Grants permission to deactivate LDAP secure calls for the specified directory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DisableLDAPS.html */ AwsDsActions["DisableLDAPS"] = "ds:DisableLDAPS"; /** * Grants permission to disable multi-factor authentication (MFA) with the Remote * Authentication Dial In User Service (RADIUS) server for an AD Connector directo * ry * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DisableRadius.html */ AwsDsActions["DisableRadius"] = "ds:DisableRadius"; /** * Grants permission to disable AWS Management Console access for identity in your * AWS Directory * * See https://docs.aws.amazon.com/directoryservice/latest/admin-guide/UsingWithDS_IAM_ResourcePermissions.html */ AwsDsActions["DisableRoleAccess"] = "ds:DisableRoleAccess"; /** * Grants permission to disable single-sign on for a directory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DisableSso.html */ AwsDsActions["DisableSso"] = "ds:DisableSso"; /** * Grants permission to enable alternative client authentication methods for the s * pecified directory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_EnableClientAuthentication.html */ AwsDsActions["EnableClientAuthentication"] = "ds:EnableClientAuthentication"; /** * Grants permission to enable the Directory Service Data API for the specified di * rectory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_EnableDirectoryDataAccess.html */ AwsDsActions["EnableDirectoryDataAccess"] = "ds:EnableDirectoryDataAccess"; /** * Grants permission to activate the switch for the specific directory to always u * se LDAP secure calls * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_EnableLDAPS.html */ AwsDsActions["EnableLDAPS"] = "ds:EnableLDAPS"; /** * Grants permission to enable multi-factor authentication (MFA) with the Remote A * uthentication Dial In User Service (RADIUS) server for an AD Connector director * y * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_EnableRadius.html */ AwsDsActions["EnableRadius"] = "ds:EnableRadius"; /** * Grants permission to enable AWS Management Console access for identity in your * AWS Directory * * See https://docs.aws.amazon.com/directoryservice/latest/admin-guide/UsingWithDS_IAM_ResourcePermissions.html */ AwsDsActions["EnableRoleAccess"] = "ds:EnableRoleAccess"; /** * Grants permission to enable single-sign on for a directory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_EnableSso.html */ AwsDsActions["EnableSso"] = "ds:EnableSso"; /** * Grants permission to retrieve the details of the authorized applications on a d * irectory * * See https://docs.aws.amazon.com/directoryservice/latest/admin-guide/UsingWithDS_IAM_ResourcePermissions.html */ AwsDsActions["GetAuthorizedApplicationDetails"] = "ds:GetAuthorizedApplicationDetails"; /** * Grants permission to obtain directory limit information for the current region * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_GetDirectoryLimits.html */ AwsDsActions["GetDirectoryLimits"] = "ds:GetDirectoryLimits"; /** * Grants permission to obtain the manual snapshot limits for a directory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_GetSnapshotLimits.html */ AwsDsActions["GetSnapshotLimits"] = "ds:GetSnapshotLimits"; /** * Grants permission to obtain the AWS applications authorized for a directory * * See https://docs.aws.amazon.com/directoryservice/latest/admin-guide/UsingWithDS_IAM_ResourcePermissions.html */ AwsDsActions["ListAuthorizedApplications"] = "ds:ListAuthorizedApplications"; /** * Grants permission to list all the certificates registered for a secured LDAP co * nnection, for the specified directory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ListCertificates.html */ AwsDsActions["ListCertificates"] = "ds:ListCertificates"; /** * Grants permission to list the address blocks that you have added to a directory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ListIpRoutes.html */ AwsDsActions["ListIpRoutes"] = "ds:ListIpRoutes"; /** * Grants permission to list the active log subscriptions for the AWS account * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ListLogSubscriptions.html */ AwsDsActions["ListLogSubscriptions"] = "ds:ListLogSubscriptions"; /** * Grants permission to list all schema extensions applied to a Microsoft AD Direc * tory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ListSchemaExtensions.html */ AwsDsActions["ListSchemaExtensions"] = "ds:ListSchemaExtensions"; /** * Grants permission to list all tags on an Amazon Directory Services directory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ListTagsForResource.html */ AwsDsActions["ListTagsForResource"] = "ds:ListTagsForResource"; /** * Grants permission to register a certificate for secured LDAP connection * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_RegisterCertificate.html */ AwsDsActions["RegisterCertificate"] = "ds:RegisterCertificate"; /** * Grants permission to associate a directory with an SNS topic * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_RegisterEventTopic.html */ AwsDsActions["RegisterEventTopic"] = "ds:RegisterEventTopic"; /** * Grants permission to reject a directory sharing request that was sent from the * directory owner account * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_RejectSharedDirectory.html */ AwsDsActions["RejectSharedDirectory"] = "ds:RejectSharedDirectory"; /** * Grants permission to remove IP address blocks from a directory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_RemoveIpRoutes.html */ AwsDsActions["RemoveIpRoutes"] = "ds:RemoveIpRoutes"; /** * Grants permission to stop all replication and removes the domain controllers fr * om the specified Region. You cannot remove the primary Region with this operati * on * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_RemoveRegion.html */ AwsDsActions["RemoveRegion"] = "ds:RemoveRegion"; /** * Grants permission to remove tags from an Amazon Directory Services directory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_RemoveTagsFromResource.html */ AwsDsActions["RemoveTagsFromResource"] = "ds:RemoveTagsFromResource"; /** * Grants permission to reset the password for any user in your AWS Managed Micros * oft AD or Simple AD directory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ResetUserPassword.html */ AwsDsActions["ResetUserPassword"] = "ds:ResetUserPassword"; /** * Grants permission to restore a directory using an existing directory snapshot * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_RestoreFromSnapshot.html */ AwsDsActions["RestoreFromSnapshot"] = "ds:RestoreFromSnapshot"; /** * Grants permission to share a specified directory in your AWS account (directory * owner) with another AWS account (directory consumer). With this operation you c * an use your directory from any AWS account and from any Amazon VPC within an AW * S Region * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ShareDirectory.html */ AwsDsActions["ShareDirectory"] = "ds:ShareDirectory"; /** * Grants permission to apply a schema extension to a Microsoft AD directory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_StartSchemaExtension.html */ AwsDsActions["StartSchemaExtension"] = "ds:StartSchemaExtension"; /** * Grants permission to unauthorize an application from your AWS Directory * * See https://docs.aws.amazon.com/directoryservice/latest/admin-guide/UsingWithDS_IAM_ResourcePermissions.html */ AwsDsActions["UnauthorizeApplication"] = "ds:UnauthorizeApplication"; /** * Grants permission to stop the directory sharing between the directory owner and * consumer accounts * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_UnshareDirectory.html */ AwsDsActions["UnshareDirectory"] = "ds:UnshareDirectory"; /** * Grants permission to update an authorized application for your AWS Directory * * See https://docs.aws.amazon.com/directoryservice/latest/admin-guide/UsingWithDS_IAM_ResourcePermissions.html */ AwsDsActions["UpdateAuthorizedApplication"] = "ds:UpdateAuthorizedApplication"; /** * Grants permission to update a conditional forwarder that has been set up for yo * ur AWS directory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_UpdateConditionalForwarder.html */ AwsDsActions["UpdateConditionalForwarder"] = "ds:UpdateConditionalForwarder"; /** * Grants permission to update the configurations like service account credentials * or DNS server IP addresses for the specified directory * * See https://docs.aws.amazon.com/directoryservice/latest/admin-guide/UsingWithDS_IAM_ResourcePermissions.html */ AwsDsActions["UpdateDirectory"] = "ds:UpdateDirectory"; /** * Grants permission to update the directory for a particular update type * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_UpdateDirectorySetup.html */ AwsDsActions["UpdateDirectorySetup"] = "ds:UpdateDirectorySetup"; /** * Grants permission to add or remove domain controllers to or from the directory. * Based on the difference between current value and new value (provided through t * his API call), domain controllers will be added or removed. It may take up to 4 * 5 minutes for any new domain controllers to become fully active once the reques * ted number of domain controllers is updated. During this time, you cannot make * another update request * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_UpdateNumberOfDomainControllers.html */ AwsDsActions["UpdateNumberOfDomainControllers"] = "ds:UpdateNumberOfDomainControllers"; /** * Grants permission to update the Remote Authentication Dial In User Service (RAD * IUS) server information for an AD Connector directory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_UpdateRadius.html */ AwsDsActions["UpdateRadius"] = "ds:UpdateRadius"; /** * Grants permission to update the configurable settings for the specified directo * ry * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_UpdateSettings.html */ AwsDsActions["UpdateSettings"] = "ds:UpdateSettings"; /** * Grants permission to update the trust that has been set up between your AWS Man * aged Microsoft AD directory and an on-premises Active Directory * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_UpdateTrust.html */ AwsDsActions["UpdateTrust"] = "ds:UpdateTrust"; /** * Grants permission to verify a trust relationship between your Microsoft AD in t * he AWS cloud and an external domain * * See https://docs.aws.amazon.com/directoryservice/latest/devguide/API_VerifyTrust.html */ AwsDsActions["VerifyTrust"] = "ds:VerifyTrust"; })(AwsDsActions || (AwsDsActions = {})); //# sourceMappingURL=ds.js.map