cdk-iam-floyd

import { AccessLevelList } from '../../shared/access-level'; import { PolicyStatement, Operator } from '../../shared'; import { aws_iam as iam } from "aws-cdk-lib"; /** * Statement provider for service [apigateway-v2](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonapigatewaymanagementv2.html). * * @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement */ export declare class ApigatewayV2 extends PolicyStatement { servicePrefix: string; /** * Grants permission to delete a particular resource * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/apigatewayv2/latest/api-reference/API_DELETE.html */ toDELETE(): this; /** * Grants permission to read a particular resource * * Access Level: Read * * https://docs.aws.amazon.com/apigatewayv2/latest/api-reference/API_GET.html */ toGET(): this; /** * Grants permission to update a particular resource * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/apigatewayv2/latest/api-reference/API_PATCH.html */ toPATCH(): this; /** * Grants permission to create a particular resource * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/apigatewayv2/latest/api-reference/API_POST.html */ toPOST(): this; /** * Grants permission to update a particular resource * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/apigatewayv2/latest/api-reference/API_PUT.html */ toPUT(): this; protected accessLevelList: AccessLevelList; /** * Adds a resource of type AccessLogSettings to the statement * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param apiId - Identifier for the apiId. * @param stageName - Identifier for the stageName. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onAccessLogSettings(apiId: string, stageName: string, region?: string, partition?: string): this; /** * Adds a resource of type Api to the statement * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param apiId - Identifier for the apiId. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifRequestApiKeyRequired() * - .ifRequestApiName() * - .ifRequestAuthorizerType() * - .ifRequestAuthorizerUri() * - .ifRequestDisableExecuteApiEndpoint() * - .ifRequestEndpointType() * - .ifRequestRouteAuthorizationType() * - .ifResourceApiKeyRequired() * - .ifResourceApiName() * - .ifResourceAuthorizerType() * - .ifResourceAuthorizerUri() * - .ifResourceDisableExecuteApiEndpoint() * - .ifResourceEndpointType() * - .ifResourceRouteAuthorizationType() * - .ifAwsResourceTag() */ onApi(apiId: string, region?: string, partition?: string): this; /** * Adds a resource of type Apis to the statement * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifRequestApiKeyRequired() * - .ifRequestApiName() * - .ifRequestAuthorizerType() * - .ifRequestAuthorizerUri() * - .ifRequestDisableExecuteApiEndpoint() * - .ifRequestEndpointType() * - .ifRequestRouteAuthorizationType() * - .ifAwsResourceTag() */ onApis(region?: string, partition?: string): this; /** * Adds a resource of type ApiMapping to the statement * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param domainName - Identifier for the domainName. * @param apiMappingId - Identifier for the apiMappingId. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onApiMapping(domainName: string, apiMappingId: string, region?: string, partition?: string): this; /** * Adds a resource of type ApiMappings to the statement * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param domainName - Identifier for the domainName. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onApiMappings(domainName: string, region?: string, partition?: string): this; /** * Adds a resource of type Authorizer to the statement * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param apiId - Identifier for the apiId. * @param authorizerId - Identifier for the authorizerId. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifRequestAuthorizerType() * - .ifRequestAuthorizerUri() * - .ifResourceAuthorizerType() * - .ifResourceAuthorizerUri() * - .ifAwsResourceTag() */ onAuthorizer(apiId: string, authorizerId: string, region?: string, partition?: string): this; /** * Adds a resource of type Authorizers to the statement * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param apiId - Identifier for the apiId. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifRequestAuthorizerType() * - .ifRequestAuthorizerUri() * - .ifAwsResourceTag() */ onAuthorizers(apiId: string, region?: string, partition?: string): this; /** * Adds a resource of type AuthorizersCache to the statement * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param apiId - Identifier for the apiId. * @param stageName - Identifier for the stageName. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onAuthorizersCache(apiId: string, stageName: string, region?: string, partition?: string): this; /** * Adds a resource of type Cors to the statement * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param apiId - Identifier for the apiId. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onCors(apiId: string, region?: string, partition?: string): this; /** * Adds a resource of type Deployment to the statement * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param apiId - Identifier for the apiId. * @param deploymentId - Identifier for the deploymentId. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onDeployment(apiId: string, deploymentId: string, region?: string, partition?: string): this; /** * Adds a resource of type Deployments to the statement * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param apiId - Identifier for the apiId. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifRequestStageName() * - .ifAwsResourceTag() */ onDeployments(apiId: string, region?: string, partition?: string): this; /** * Adds a resource of type ExportedAPI to the statement * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param apiId - Identifier for the apiId. * @param specification - Identifier for the specification. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onExportedAPI(apiId: string, specification: string, region?: string, partition?: string): this; /** * Adds a resource of type Integration to the statement * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param apiId - Identifier for the apiId. * @param integrationId - Identifier for the integrationId. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onIntegration(apiId: string, integrationId: string, region?: string, partition?: string): this; /** * Adds a resource of type Integrations to the statement * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param apiId - Identifier for the apiId. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onIntegrations(apiId: string, region?: string, partition?: string): this; /** * Adds a resource of type IntegrationResponse to the statement * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param apiId - Identifier for the apiId. * @param integrationId - Identifier for the integrationId. * @param integrationResponseId - Identifier for the integrationResponseId. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onIntegrationResponse(apiId: string, integrationId: string, integrationResponseId: string, region?: string, partition?: string): this; /** * Adds a resource of type IntegrationResponses to the statement * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param apiId - Identifier for the apiId. * @param integrationId - Identifier for the integrationId. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onIntegrationResponses(apiId: string, integrationId: string, region?: string, partition?: string): this; /** * Adds a resource of type Model to the statement * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param apiId - Identifier for the apiId. * @param modelId - Identifier for the modelId. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onModel(apiId: string, modelId: string, region?: string, partition?: string): this; /** * Adds a resource of type Models to the statement * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param apiId - Identifier for the apiId. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onModels(apiId: string, region?: string, partition?: string): this; /** * Adds a resource of type ModelTemplate to the statement * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param apiId - Identifier for the apiId. * @param modelId - Identifier for the modelId. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onModelTemplate(apiId: string, modelId: string, region?: string, partition?: string): this; /** * Adds a resource of type Route to the statement * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param apiId - Identifier for the apiId. * @param routeId - Identifier for the routeId. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifRequestApiKeyRequired() * - .ifRequestRouteAuthorizationType() * - .ifResourceApiKeyRequired() * - .ifResourceRouteAuthorizationType() * - .ifAwsResourceTag() */ onRoute(apiId: string, routeId: string, region?: string, partition?: string): this; /** * Adds a resource of type Routes to the statement * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param apiId - Identifier for the apiId. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifRequestApiKeyRequired() * - .ifRequestRouteAuthorizationType() * - .ifAwsResourceTag() */ onRoutes(apiId: string, region?: string, partition?: string): this; /** * Adds a resource of type RouteResponse to the statement * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param apiId - Identifier for the apiId. * @param routeId - Identifier for the routeId. * @param routeResponseId - Identifier for the routeResponseId. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onRouteResponse(apiId: string, routeId: string, routeResponseId: string, region?: string, partition?: string): this; /** * Adds a resource of type RouteResponses to the statement * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param apiId - Identifier for the apiId. * @param routeId - Identifier for the routeId. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onRouteResponses(apiId: string, routeId: string, region?: string, partition?: string): this; /** * Adds a resource of type RouteRequestParameter to the statement * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param apiId - Identifier for the apiId. * @param routeId - Identifier for the routeId. * @param requestParameterKey - Identifier for the requestParameterKey. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onRouteRequestParameter(apiId: string, routeId: string, requestParameterKey: string, region?: string, partition?: string): this; /** * Adds a resource of type RouteSettings to the statement * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param apiId - Identifier for the apiId. * @param stageName - Identifier for the stageName. * @param routeKey - Identifier for the routeKey. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onRouteSettings(apiId: string, stageName: string, routeKey: string, region?: string, partition?: string): this; /** * Adds a resource of type Stage to the statement * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param apiId - Identifier for the apiId. * @param stageName - Identifier for the stageName. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifRequestAccessLoggingDestination() * - .ifRequestAccessLoggingFormat() * - .ifResourceAccessLoggingDestination() * - .ifResourceAccessLoggingFormat() * - .ifAwsResourceTag() */ onStage(apiId: string, stageName: string, region?: string, partition?: string): this; /** * Adds a resource of type Stages to the statement * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param apiId - Identifier for the apiId. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifRequestAccessLoggingDestination() * - .ifRequestAccessLoggingFormat() * - .ifAwsResourceTag() */ onStages(apiId: string, region?: string, partition?: string): this; /** * Adds a resource of type VpcLink to the statement * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param vpcLinkId - Identifier for the vpcLinkId. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onVpcLink(vpcLinkId: string, region?: string, partition?: string): this; /** * Adds a resource of type VpcLinks to the statement * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onVpcLinks(region?: string, partition?: string): this; /** * Filters access by access log destination. Available during the CreateStage and UpdateStage operations * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * Applies to resource types: * - Stage * - Stages * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifRequestAccessLoggingDestination(value: string | string[], operator?: Operator | string): this; /** * Filters access by access log format. Available during the CreateStage and UpdateStage operations * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * Applies to resource types: * - Stage * - Stages * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifRequestAccessLoggingFormat(value: string | string[], operator?: Operator | string): this; /** * Filters access by the requirement of API. Available during the CreateRoute and UpdateRoute operations. Also available as a collection during import and reimport * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * Applies to resource types: * - Api * - Apis * - Route * - Routes * * @param value `true` or `false`. **Default:** `true` */ ifRequestApiKeyRequired(value?: boolean): this; /** * Filters access by API name. Available during the CreateApi and UpdateApi operations * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * Applies to resource types: * - Api * - Apis * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifRequestApiName(value: string | string[], operator?: Operator | string): this; /** * Filters access by type of authorizer in the request, for example REQUEST or JWT. Available during CreateAuthorizer and UpdateAuthorizer. Also available during import and reimport as an ArrayOfString * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * Applies to resource types: * - Api * - Apis * - Authorizer * - Authorizers * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifRequestAuthorizerType(value: string | string[], operator?: Operator | string): this; /** * Filters access by URI of a Lambda authorizer function. Available during CreateAuthorizer and UpdateAuthorizer. Also available during import and reimport as an ArrayOfString * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * Applies to resource types: * - Api * - Apis * - Authorizer * - Authorizers * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifRequestAuthorizerUri(value: string | string[], operator?: Operator | string): this; /** * Filters access by status of the default execute-api endpoint. Available during the CreateApi and UpdateApi operations * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * Applies to resource types: * - Api * - Apis * * @param value `true` or `false`. **Default:** `true` */ ifRequestDisableExecuteApiEndpoint(value?: boolean): this; /** * Filters access by endpoint type. Available during the CreateDomainName, UpdateDomainName, CreateApi, and UpdateApi operations * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * Applies to resource types: * - Api * - Apis * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifRequestEndpointType(value: string | string[], operator?: Operator | string): this; /** * Filters access by URI of the truststore used for mutual TLS authentication. Available during the CreateDomainName and UpdateDomainName operations * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifRequestMtlsTrustStoreUri(value: string | string[], operator?: Operator | string): this; /** * Filters access by version of the truststore used for mutual TLS authentication. Available during the CreateDomainName and UpdateDomainName operations * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifRequestMtlsTrustStoreVersion(value: string | string[], operator?: Operator | string): this; /** * Filters access by authorization type, for example NONE, AWS_IAM, CUSTOM, JWT. Available during the CreateRoute and UpdateRoute operations. Also available as a collection during import * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * Applies to resource types: * - Api * - Apis * - Route * - Routes * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifRequestRouteAuthorizationType(value: string | string[], operator?: Operator | string): this; /** * Filters access by TLS version. Available during the CreateDomain and UpdateDomain operations * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifRequestSecurityPolicy(value: string | string[], operator?: Operator | string): this; /** * Filters access by stage name of the deployment that you attempt to create. Available during the CreateDeployment operation * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * Applies to resource types: * - Deployments * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifRequestStageName(value: string | string[], operator?: Operator | string): this; /** * Filters access by access log destination of the current Stage resource. Available during the UpdateStage and DeleteStage operations * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * Applies to resource types: * - Stage * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifResourceAccessLoggingDestination(value: string | string[], operator?: Operator | string): this; /** * Filters access by access log format of the current Stage resource. Available during the UpdateStage and DeleteStage operations * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * Applies to resource types: * - Stage * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifResourceAccessLoggingFormat(value: string | string[], operator?: Operator | string): this; /** * Filters access by the requirement of API key for the existing Route resource. Available during the UpdateRoute and DeleteRoute operations. Also available as a collection during reimport * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * Applies to resource types: * - Api * - Route * * @param value `true` or `false`. **Default:** `true` */ ifResourceApiKeyRequired(value?: boolean): this; /** * Filters access by API name. Available during the UpdateApi and DeleteApi operations * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * Applies to resource types: * - Api * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifResourceApiName(value: string | string[], operator?: Operator | string): this; /** * Filters access by the current type of authorizer, for example REQUEST or JWT. Available during UpdateAuthorizer and DeleteAuthorizer operations. Also available during import and reimport as an ArrayOfString * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * Applies to resource types: * - Api * - Authorizer * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifResourceAuthorizerType(value: string | string[], operator?: Operator | string): this; /** * Filters access by the URI of the current Lambda authorizer associated with the current API. Available during UpdateAuthorizer and DeleteAuthorizer. Also available as a collection during reimport * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * Applies to resource types: * - Api * - Authorizer * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifResourceAuthorizerUri(value: string | string[], operator?: Operator | string): this; /** * Filters access by status of the default execute-api endpoint. Available during the UpdateApi and DeleteApi operations * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * Applies to resource types: * - Api * * @param value `true` or `false`. **Default:** `true` */ ifResourceDisableExecuteApiEndpoint(value?: boolean): this; /** * Filters access by endpoint type. Available during the UpdateDomainName, DeleteDomainName, UpdateApi, and DeleteApi operations * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * Applies to resource types: * - Api * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifResourceEndpointType(value: string | string[], operator?: Operator | string): this; /** * Filters access by URI of the truststore used for mutual TLS authentication. Available during the UpdateDomainName and DeleteDomainName operations * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifResourceMtlsTrustStoreUri(value: string | string[], operator?: Operator | string): this; /** * Filters access by version of the truststore used for mutual TLS authentication. Available during the UpdateDomainName and DeleteDomainName operations * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifResourceMtlsTrustStoreVersion(value: string | string[], operator?: Operator | string): this; /** * Filters access by authorization type of the existing Route resource, for example NONE, AWS_IAM, CUSTOM. Available during the UpdateRoute and DeleteRoute operations. Also available as a collection during reimport * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * Applies to resource types: * - Api * - Route * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifResourceRouteAuthorizationType(value: string | string[], operator?: Operator | string): this; /** * Filters access by TLS version. Available during the UpdateDomainName and DeleteDomainName operations * * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifResourceSecurityPolicy(value: string | string[], operator?: Operator | string): this; /** * Filters access by the presence of tag key-value pairs in the request * * https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-tagging.html * * Applies to actions: * - .toDELETE() * - .toPATCH() * - .toPOST() * - .toPUT() * * @param tagKey The tag key to check * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsRequestTag(tagKey: string, value: string | string[], operator?: Operator | string): this; /** * Filters access by tag key-value pairs attached to the resource * * https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-tagging.html * * Applies to resource types: * - AccessLogSettings * - Api * - Apis * - ApiMapping * - ApiMappings * - Authorizer * - Authorizers * - AuthorizersCache * - Cors * - Deployment * - Deployments * - ExportedAPI * - Integration * - Integrations * - IntegrationResponse * - IntegrationResponses * - Model * - Models * - ModelTemplate * - Route * - Routes * - RouteResponse * - RouteResponses * - RouteRequestParameter * - RouteSettings * - Stage * - Stages * - VpcLink * - VpcLinks * * @param tagKey The tag key to check * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsResourceTag(tagKey: string, value: string | string[], operator?: Operator | string): this; /** * Filters access by the presence of tag keys in the request * * https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-tagging.html * * Applies to actions: * - .toDELETE() * - .toPATCH() * - .toPOST() * - .toPUT() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsTagKeys(value: string | string[], operator?: Operator | string): this; /** * Statement provider for service [apigateway-v2](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonapigatewaymanagementv2.html). * */ constructor(props?: iam.PolicyStatementProps); }