cdk-iam-floyd
Version:
AWS IAM policy statement generator with fluent interface for AWS CDK
308 lines (307 loc) • 11 kB
TypeScript
import { AccessLevelList } from '../../shared/access-level';
import { PolicyStatement, Operator } from '../../shared';
import { aws_iam as iam } from "aws-cdk-lib";
/**
* Statement provider for service [dax](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazondynamodbacceleratordax.html).
*
* @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement
*/
export declare class Dax extends PolicyStatement {
servicePrefix: string;
/**
* Grants permission to return the attributes of one or more items from one or more tables
*
* Access Level: Read
*
* https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_BatchGetItem.html
*/
toBatchGetItem(): this;
/**
* Grants permission to put or delete multiple items in one or more tables
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_BatchWriteItem.html
*/
toBatchWriteItem(): this;
/**
* Grants permission to the ConditionCheckItem operation that checks the existence of a set of attributes for the item with the given primary key
*
* Access Level: Read
*
* https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ConditionCheckItem.html
*/
toConditionCheckItem(): this;
/**
* Grants permission to create a DAX cluster
*
* Access Level: Write
*
* Dependent actions:
* - dax:CreateParameterGroup
* - dax:CreateSubnetGroup
* - ec2:CreateNetworkInterface
* - ec2:DeleteNetworkInterface
* - ec2:DescribeNetworkInterfaces
* - ec2:DescribeSecurityGroups
* - ec2:DescribeSubnets
* - ec2:DescribeVpcs
* - iam:GetRole
* - iam:PassRole
*
* https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_CreateCluster.html
*/
toCreateCluster(): this;
/**
* Grants permission to create a parameter group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_CreateParameterGroup.html
*/
toCreateParameterGroup(): this;
/**
* Grants permission to create a subnet group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_CreateSubnetGroup.html
*/
toCreateSubnetGroup(): this;
/**
* Grants permission to remove one or more nodes from a DAX cluster
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_DecreaseReplicationFactor.html
*/
toDecreaseReplicationFactor(): this;
/**
* Grants permission to delete a previously provisioned DAX cluster
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_DeleteCluster.html
*/
toDeleteCluster(): this;
/**
* Grants permission to delete a single item in a table by primary key
*
* Access Level: Write
*
* Possible conditions:
* - .ifEnclosingOperation()
*
* https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DeleteItem.html
*/
toDeleteItem(): this;
/**
* Grants permission to delete the specified parameter group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_DeleteParameterGroup.html
*/
toDeleteParameterGroup(): this;
/**
* Grants permission to delete a subnet group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_DeleteSubnetGroup.html
*/
toDeleteSubnetGroup(): this;
/**
* Grants permission to return information about all provisioned DAX clusters
*
* Access Level: List
*
* https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_DescribeClusters.html
*/
toDescribeClusters(): this;
/**
* Grants permission to return the default system parameter information for DAX
*
* Access Level: List
*
* https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_DescribeDefaultParameters.html
*/
toDescribeDefaultParameters(): this;
/**
* Grants permission to return events related to DAX clusters and parameter groups
*
* Access Level: List
*
* https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_DescribeEvents.html
*/
toDescribeEvents(): this;
/**
* Grants permission to return a list of parameter group descriptions
*
* Access Level: List
*
* https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_DescribeParameterGroups.html
*/
toDescribeParameterGroups(): this;
/**
* Grants permission to return the detailed parameter list for a particular parameter group
*
* Access Level: Read
*
* https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_DescribeParameters.html
*/
toDescribeParameters(): this;
/**
* Grants permission to return a list of subnet group descriptions
*
* Access Level: List
*
* https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_DescribeSubnetGroups.html
*/
toDescribeSubnetGroups(): this;
/**
* Grants permission to the GetItem operation that returns a set of attributes for the item with the given primary key
*
* Access Level: Read
*
* Possible conditions:
* - .ifEnclosingOperation()
*
* https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_GetItem.html
*/
toGetItem(): this;
/**
* Grants permission to add one or more nodes to a DAX cluster
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_IncreaseReplicationFactor.html
*/
toIncreaseReplicationFactor(): this;
/**
* Grants permission to return a list all of the tags for a DAX cluster
*
* Access Level: Read
*
* https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_ListTags.html
*/
toListTags(): this;
/**
* Grants permission to create a new item, or replace an old item with a new item
*
* Access Level: Write
*
* Possible conditions:
* - .ifEnclosingOperation()
*
* https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_PutItem.html
*/
toPutItem(): this;
/**
* Grants permission to use the primary key of a table or a secondary index to directly access items from that table or index
*
* Access Level: Read
*
* https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_Query.html
*/
toQuery(): this;
/**
* Grants permission to reboot a single node of a DAX cluster
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_RebootNode.html
*/
toRebootNode(): this;
/**
* Grants permission to return one or more items and item attributes by accessing every item in a table or a secondary index
*
* Access Level: Read
*
* https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_Scan.html
*/
toScan(): this;
/**
* Grants permission to associate a set of tags with a DAX resource
*
* Access Level: Tagging
*
* https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_TagResource.html
*/
toTagResource(): this;
/**
* Grants permission to remove the association of tags from a DAX resource
*
* Access Level: Tagging
*
* https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_UntagResource.html
*/
toUntagResource(): this;
/**
* Grants permission to modify the settings for a DAX cluster
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_UpdateCluster.html
*/
toUpdateCluster(): this;
/**
* Grants permission to edit an existing item's attributes, or adds a new item to the table if it does not already exist
*
* Access Level: Write
*
* Possible conditions:
* - .ifEnclosingOperation()
*
* https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_UpdateItem.html
*/
toUpdateItem(): this;
/**
* Grants permission to modify the parameters of a parameter group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_UpdateParameterGroup.html
*/
toUpdateParameterGroup(): this;
/**
* Grants permission to modify an existing subnet group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_UpdateSubnetGroup.html
*/
toUpdateSubnetGroup(): this;
protected accessLevelList: AccessLevelList;
/**
* Adds a resource of type application to the statement
*
* https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.access-control.html
*
* @param clusterName - Identifier for the clusterName.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*/
onApplication(clusterName: string, account?: string, region?: string, partition?: string): this;
/**
* Used to block Transactions APIs calls and allow the non-Transaction APIs calls and vice-versa
*
* https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.access-control.htmlspecifying-conditions.html#FGAC_DDB.ConditionKeys
*
* Applies to actions:
* - .toDeleteItem()
* - .toGetItem()
* - .toPutItem()
* - .toUpdateItem()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifEnclosingOperation(value: string | string[], operator?: Operator | string): this;
/**
* Statement provider for service [dax](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazondynamodbacceleratordax.html).
*
*/
constructor(props?: iam.PolicyStatementProps);
}