cdk-iam-floyd

import { AccessLevelList } from '../../shared/access-level'; import { PolicyStatement, Operator } from '../../shared'; import { aws_iam as iam } from "aws-cdk-lib"; /** * Statement provider for service [elasticache](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonelasticache.html). * * @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement */ export declare class Elasticache extends PolicyStatement { servicePrefix: string; /** * Grants permission to add tags to an ElastiCache resource * * Access Level: Tagging * * Possible conditions: * - .ifAwsTagKeys() * - .ifAwsRequestTag() * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_AddTagsToResource.html */ toAddTagsToResource(): this; /** * Grants permission to authorize an EC2 security group on a ElastiCache security group * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * * Dependent actions: * - ec2:AuthorizeSecurityGroupIngress * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_AuthorizeCacheSecurityGroupIngress.html */ toAuthorizeCacheSecurityGroupIngress(): this; /** * Grants permission to apply ElastiCache service updates to sets of clusters and replication groups * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * * Dependent actions: * - ec2:CreateNetworkInterface * - ec2:DeleteNetworkInterface * - ec2:DescribeNetworkInterfaces * - ec2:DescribeSubnets * - ec2:DescribeVpcs * - s3:GetObject * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_BatchApplyUpdateAction.html */ toBatchApplyUpdateAction(): this; /** * Grants permission to stop ElastiCache service updates from being executed on a set of clusters * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_BatchStopUpdateAction.html */ toBatchStopUpdateAction(): this; /** * Grants permission to complete an online migration of data from hosted Redis on Amazon EC2 to ElastiCache * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CompleteMigration.html */ toCompleteMigration(): this; /** * Grants permission to connect as a specified ElastiCache user to an ElastiCache Replication Group or ElastiCache serverless cache * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/auth-iam.html */ toConnect(): this; /** * Grants permission to make a copy of an existing serverless cache snapshot * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * Dependent actions: * - elasticache:AddTagsToResource * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CopyServerlessCacheSnapshot.html */ toCopyServerlessCacheSnapshot(): this; /** * Grants permission to make a copy of an existing snapshot * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifAwsRequestTag() * - .ifAwsTagKeys() * - .ifKmsKeyId() * * Dependent actions: * - elasticache:AddTagsToResource * - s3:DeleteObject * - s3:GetBucketAcl * - s3:PutObject * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CopySnapshot.html */ toCopySnapshot(): this; /** * Grants permission to create a cache cluster * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * * Dependent actions: * - ec2:CreateNetworkInterface * - ec2:DeleteNetworkInterface * - ec2:DescribeNetworkInterfaces * - ec2:DescribeSubnets * - ec2:DescribeVpcs * - elasticache:AddTagsToResource * - s3:GetObject * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateCacheCluster.html */ toCreateCacheCluster(): this; /** * Grants permission to create a parameter group * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifAwsRequestTag() * - .ifAwsTagKeys() * - .ifCacheParameterGroupName() * * Dependent actions: * - elasticache:AddTagsToResource * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateCacheParameterGroup.html */ toCreateCacheParameterGroup(): this; /** * Grants permission to create a cache security group * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * Dependent actions: * - elasticache:AddTagsToResource * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateCacheSecurityGroup.html */ toCreateCacheSecurityGroup(): this; /** * Grants permission to create a cache subnet group * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * Dependent actions: * - elasticache:AddTagsToResource * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateCacheSubnetGroup.html */ toCreateCacheSubnetGroup(): this; /** * Grants permission to create a global replication group * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateGlobalReplicationGroup.html */ toCreateGlobalReplicationGroup(): this; /** * Grants permission to create a replication group * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * * Dependent actions: * - ec2:CreateNetworkInterface * - ec2:DeleteNetworkInterface * - ec2:DescribeNetworkInterfaces * - ec2:DescribeSubnets * - ec2:DescribeVpcs * - elasticache:AddTagsToResource * - s3:GetObject * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateReplicationGroup.html */ toCreateReplicationGroup(): this; /** * Grants permission to create a serverless cache * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * Dependent actions: * - ec2:CreateTags * - ec2:CreateVpcEndpoint * - ec2:DeleteVpcEndpoints * - ec2:DescribeSecurityGroups * - ec2:DescribeSubnets * - ec2:DescribeTags * - ec2:DescribeVpcEndpoints * - ec2:DescribeVpcs * - elasticache:AddTagsToResource * - s3:GetObject * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateServerlessCache.html */ toCreateServerlessCache(): this; /** * Grants permission to create a copy of a serverless cache at a specific moment in time * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * Dependent actions: * - elasticache:AddTagsToResource * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateServerlessCacheSnapshot.html */ toCreateServerlessCacheSnapshot(): this; /** * Grants permission to create a copy of an entire Redis cluster at a specific moment in time * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * * Dependent actions: * - elasticache:AddTagsToResource * - s3:DeleteObject * - s3:GetBucketAcl * - s3:PutObject * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateSnapshot.html */ toCreateSnapshot(): this; /** * Grants permission to create a user for Redis. Users are supported from Redis 6.0 onwards * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifAwsRequestTag() * - .ifAwsTagKeys() * - .ifUserAuthenticationMode() * * Dependent actions: * - elasticache:AddTagsToResource * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateUser.html */ toCreateUser(): this; /** * Grants permission to create a user group for Redis. Groups are supported from Redis 6.0 onwards * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * * Dependent actions: * - elasticache:AddTagsToResource * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateUserGroup.html */ toCreateUserGroup(): this; /** * Grants permission to decrease the number of node groups in global replication groups * * Access Level: Write * * Possible conditions: * - .ifNumNodeGroups() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DecreaseNodeGroupsInGlobalReplicationGroup.html */ toDecreaseNodeGroupsInGlobalReplicationGroup(): this; /** * Grants permission to decrease the number of replicas in a Redis (cluster mode disabled) replication group or the number of replica nodes in one or more node groups (shards) of a Redis (cluster mode enabled) replication group * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifReplicasPerNodeGroup() * * Dependent actions: * - ec2:CreateNetworkInterface * - ec2:DeleteNetworkInterface * - ec2:DescribeNetworkInterfaces * - ec2:DescribeSubnets * - ec2:DescribeVpcs * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DecreaseReplicaCount.html */ toDecreaseReplicaCount(): this; /** * Grants permission to delete a previously provisioned cluster * * Access Level: Write * * Dependent actions: * - ec2:CreateNetworkInterface * - ec2:DeleteNetworkInterface * - ec2:DescribeNetworkInterfaces * - ec2:DescribeSubnets * - ec2:DescribeVpcs * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DeleteCacheCluster.html */ toDeleteCacheCluster(): this; /** * Grants permission to delete the specified cache parameter group * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifCacheParameterGroupName() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DeleteCacheParameterGroup.html */ toDeleteCacheParameterGroup(): this; /** * Grants permission to delete a cache security group * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DeleteCacheSecurityGroup.html */ toDeleteCacheSecurityGroup(): this; /** * Grants permission to delete a cache subnet group * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * * Dependent actions: * - ec2:CreateNetworkInterface * - ec2:DeleteNetworkInterface * - ec2:DescribeNetworkInterfaces * - ec2:DescribeSubnets * - ec2:DescribeVpcs * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DeleteCacheSubnetGroup.html */ toDeleteCacheSubnetGroup(): this; /** * Grants permission to delete an existing global replication group * * Access Level: Write * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DeleteGlobalReplicationGroup.html */ toDeleteGlobalReplicationGroup(): this; /** * Grants permission to delete an existing replication group * * Access Level: Write * * Dependent actions: * - ec2:CreateNetworkInterface * - ec2:DeleteNetworkInterface * - ec2:DescribeNetworkInterfaces * - ec2:DescribeSubnets * - ec2:DescribeVpcs * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DeleteReplicationGroup.html */ toDeleteReplicationGroup(): this; /** * Grants permission to delete a serverless cache * * Access Level: Write * * Dependent actions: * - ec2:DescribeTags * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DeleteServerlessCache.html */ toDeleteServerlessCache(): this; /** * Grants permission to delete a serverless cache snapshot * * Access Level: Write * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DeleteServerlessCacheSnapshot.html */ toDeleteServerlessCacheSnapshot(): this; /** * Grants permission to delete an existing snapshot * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DeleteSnapshot.html */ toDeleteSnapshot(): this; /** * Grants permission to delete an existing user and thus remove it from all user groups and replication groups where it was assigned * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DeleteUser.html */ toDeleteUser(): this; /** * Grants permission to delete an existing user group * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DeleteUserGroup.html */ toDeleteUserGroup(): this; /** * Grants permission to list information about provisioned cache clusters * * Access Level: List * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeCacheClusters.html */ toDescribeCacheClusters(): this; /** * Grants permission to list available cache engines and their versions * * Access Level: List * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeCacheEngineVersions.html */ toDescribeCacheEngineVersions(): this; /** * Grants permission to list cache parameter group descriptions * * Access Level: List * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeCacheParameterGroups.html */ toDescribeCacheParameterGroups(): this; /** * Grants permission to retrieve the detailed parameter list for a particular cache parameter group * * Access Level: List * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeCacheParameters.html */ toDescribeCacheParameters(): this; /** * Grants permission to list cache security group descriptions * * Access Level: List * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeCacheSecurityGroups.html */ toDescribeCacheSecurityGroups(): this; /** * Grants permission to list cache subnet group descriptions * * Access Level: List * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeCacheSubnetGroups.html */ toDescribeCacheSubnetGroups(): this; /** * Grants permission to retrieve the default engine and system parameter information for the specified cache engine * * Access Level: List * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeEngineDefaultParameters.html */ toDescribeEngineDefaultParameters(): this; /** * Grants permission to list events related to clusters, cache security groups, and cache parameter groups * * Access Level: List * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeEvents.html */ toDescribeEvents(): this; /** * Grants permission to list information about global replication groups * * Access Level: List * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeGlobalReplicationGroups.html */ toDescribeGlobalReplicationGroups(): this; /** * Grants permission to list information about provisioned replication groups * * Access Level: List * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeReplicationGroups.html */ toDescribeReplicationGroups(): this; /** * Grants permission to list information about purchased reserved cache nodes * * Access Level: List * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeReservedCacheNodes.html */ toDescribeReservedCacheNodes(): this; /** * Grants permission to list available reserved cache node offerings * * Access Level: List * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeReservedCacheNodesOfferings.html */ toDescribeReservedCacheNodesOfferings(): this; /** * Grants permission to list information about serverless cache snapshots * * Access Level: List * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeServerlessCacheSnapshots.html */ toDescribeServerlessCacheSnapshots(): this; /** * Grants permission to list serverless caches * * Access Level: List * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeServerlessCaches.html */ toDescribeServerlessCaches(): this; /** * Grants permission to list details of the service updates * * Access Level: List * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeServiceUpdates.html */ toDescribeServiceUpdates(): this; /** * Grants permission to list information about cluster or replication group snapshots * * Access Level: List * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeSnapshots.html */ toDescribeSnapshots(): this; /** * Grants permission to list details of the update actions for a set of clusters or replication groups * * Access Level: List * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeUpdateActions.html */ toDescribeUpdateActions(): this; /** * Grants permission to list information about Redis user groups * * Access Level: List * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeUserGroups.html */ toDescribeUserGroups(): this; /** * Grants permission to list information about Redis users * * Access Level: List * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeUsers.html */ toDescribeUsers(): this; /** * Grants permission to remove a secondary replication group from the global replication group * * Access Level: Write * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DisassociateGlobalReplicationGroup.html */ toDisassociateGlobalReplicationGroup(): this; /** * Grants permission to export a copy of a serverless cache at a specific moment in time to s3 bucket * * Access Level: Write * * Dependent actions: * - s3:DeleteObject * - s3:ListAllMyBuckets * - s3:PutObject * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ExportServerlessCacheSnapshot.html */ toExportServerlessCacheSnapshot(): this; /** * Grants permission to failover the primary region to a selected secondary region of a global replication group * * Access Level: Write * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_FailoverGlobalReplicationGroup.html */ toFailoverGlobalReplicationGroup(): this; /** * Grants permission to increase the number of node groups in a global replication group * * Access Level: Write * * Possible conditions: * - .ifNumNodeGroups() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_IncreaseNodeGroupsInGlobalReplicationGroup.html */ toIncreaseNodeGroupsInGlobalReplicationGroup(): this; /** * Grants permission to increase the number of replicas in a Redis (cluster mode disabled) replication group or the number of replica nodes in one or more node groups (shards) of a Redis (cluster mode enabled) replication group * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifReplicasPerNodeGroup() * * Dependent actions: * - ec2:CreateNetworkInterface * - ec2:DeleteNetworkInterface * - ec2:DescribeNetworkInterfaces * - ec2:DescribeSubnets * - ec2:DescribeVpcs * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_IncreaseReplicaCount.html */ toIncreaseReplicaCount(): this; /** * Grants permission to test an AZ power interruption for an ElastiCache resource * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/fis/latest/userguide/fis-actions-reference.html#elasticache-actions-reference */ toInterruptClusterAzPower(): this; /** * Grants permission to list available node type that can be used to scale a particular Redis cluster or replication group * * Access Level: List * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ListAllowedNodeTypeModifications.html */ toListAllowedNodeTypeModifications(): this; /** * Grants permission to list tags for an ElastiCache resource * * Access Level: Read * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ListTagsForResource.html */ toListTagsForResource(): this; /** * Grants permission to modify settings for a cluster * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ModifyCacheCluster.html */ toModifyCacheCluster(): this; /** * Grants permission to modify parameters of a cache parameter group * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifCacheParameterGroupName() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ModifyCacheParameterGroup.html */ toModifyCacheParameterGroup(): this; /** * Grants permission to modify an existing cache subnet group * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ModifyCacheSubnetGroup.html */ toModifyCacheSubnetGroup(): this; /** * Grants permission to modify settings for a global replication group * * Access Level: Write * * Possible conditions: * - .ifCacheNodeType() * - .ifEngineVersion() * - .ifAutomaticFailoverEnabled() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ModifyGlobalReplicationGroup.html */ toModifyGlobalReplicationGroup(): this; /** * Grants permission to modify the settings for a replication group * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * * Dependent actions: * - ec2:CreateNetworkInterface * - ec2:DeleteNetworkInterface * - ec2:DescribeNetworkInterfaces * - ec2:DescribeSubnets * - ec2:DescribeVpcs * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ModifyReplicationGroup.html */ toModifyReplicationGroup(): this; /** * Grants permission to add shards, remove shards, or rebalance the keyspaces among existing shards of a replication group * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifNumNodeGroups() * * Dependent actions: * - ec2:CreateNetworkInterface * - ec2:DeleteNetworkInterface * - ec2:DescribeNetworkInterfaces * - ec2:DescribeSubnets * - ec2:DescribeVpcs * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ModifyReplicationGroupShardConfiguration.html */ toModifyReplicationGroupShardConfiguration(): this; /** * Grants permission to modify parameters for a serverless cache * * Access Level: Write * * Dependent actions: * - ec2:DescribeSecurityGroups * - ec2:DescribeTags * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ModifyServerlessCache.html */ toModifyServerlessCache(): this; /** * Grants permission to change Redis user password(s) and/or access string * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifUserAuthenticationMode() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ModifyUser.html */ toModifyUser(): this; /** * Grants permission to change list of users that belong to the user group * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ModifyUserGroup.html */ toModifyUserGroup(): this; /** * Grants permission to purchase a reserved cache node offering * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * Dependent actions: * - elasticache:AddTagsToResource * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_PurchaseReservedCacheNodesOffering.html */ toPurchaseReservedCacheNodesOffering(): this; /** * Grants permission to perform a key space rebalance operation to redistribute slots and ensure uniform key distribution across existing shards in a global replication group * * Access Level: Write * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_RebalanceSlotsInGlobalReplicationGroup.html */ toRebalanceSlotsInGlobalReplicationGroup(): this; /** * Grants permission to reboot some, or all, of the cache nodes within a provisioned cache cluster or replication group (cluster mode disabled) * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_RebootCacheCluster.html */ toRebootCacheCluster(): this; /** * Grants permission to remove tags from a ElastiCache resource * * Access Level: Tagging * * Possible conditions: * - .ifAwsTagKeys() * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_RemoveTagsFromResource.html */ toRemoveTagsFromResource(): this; /** * Grants permission to modify parameters of a cache parameter group back to their default values * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifCacheParameterGroupName() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ResetCacheParameterGroup.html */ toResetCacheParameterGroup(): this; /** * Grants permission to remove an EC2 security group ingress from a ElastiCache security group * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_RevokeCacheSecurityGroupIngress.html */ toRevokeCacheSecurityGroupIngress(): this; /** * Grants permission to start a migration of data from hosted Redis on Amazon EC2 to ElastiCache for Redis * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_StartMigration.html */ toStartMigration(): this; /** * Grants permission to test automatic failover on a specified node group in a replication group * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * * Dependent actions: * - ec2:CreateNetworkInterface * - ec2:DeleteNetworkInterface * - ec2:DescribeNetworkInterfaces * - ec2:DescribeSubnets * - ec2:DescribeVpcs * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_TestFailover.html */ toTestFailover(): this; /** * Grants permission to test a migration of data from hosted Redis on Amazon EC2 to ElastiCache for Redis * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_TestMigration.html */ toTestMigration(): this; protected accessLevelList: AccessLevelList; /** * Adds a resource of type parametergroup to the statement * * https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/WhatIs.Components.html#WhatIs.Components.ParameterGroups * * @param cacheParameterGroupName - Identifier for the cacheParameterGroupName. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsResourceTag() * - .ifAwsTagKeys() * - .ifCacheParameterGroupName() */ onParametergroup(cacheParameterGroupName: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type securitygroup to the statement * * https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/WhatIs.Components.html#WhatIs.Components.SecurityGroups * * @param cacheSecurityGroupName - Identifier for the cacheSecurityGroupName. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsResourceTag() * - .ifAwsTagKeys() */ onSecuritygroup(cacheSecurityGroupName: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type subnetgroup to the statement * * https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/WhatIs.Components.html#WhatIs.Components.SubnetGroups * * @param cacheSubnetGroupName - Identifier for the cacheSubnetGroupName. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsResourceTag() * - .ifAwsTagKeys() */ onSubnetgroup(cacheSubnetGroupName: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type replicationgroup to the statement * * https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/WhatIs.Components.html#WhatIs.Components.ReplicationGroups * * @param replicationGroupId - Identifier for the replicationGroupId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsResourceTag() * - .ifAwsTagKeys() * - .ifAtRestEncryptionEnabled() * - .ifAuthTokenEnabled() * - .ifAutomaticFailoverEnabled() * - .ifCacheNodeType() * - .ifCacheParameterGroupName() * - .ifClusterModeEnabled() * - .ifEngineType() * - .ifEngineVersion() * - .ifKmsKeyId() * - .ifMultiAZEnabled() * - .ifNumNodeGroups() * - .ifReplicasPerNodeGroup() * - .ifSnapshotRetentionLimit() * - .ifTransitEncryptionEnabled() */ onReplicationgroup(replicationGroupId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type cluster to the statement * * https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/WhatIs.Components.html#WhatIs.Components.Clusters * * @param cacheClusterId - Identifier for the cacheClusterId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsResourceTag() * - .ifAwsTagKeys() * - .ifAuthTokenEnabled() * - .ifCacheNodeType() * - .ifCacheParameterGroupName() * - .ifEngineType() * - .ifEngineVersion() * - .ifMultiAZEnabled() * - .ifSnapshotRetentionLimit() */ onCluster(cacheClusterId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type reserved-instance to the statement * * https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/reserved-nodes.html * * @param reservedCacheNodeId - Identifier for the reservedCacheNodeId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsResourceTag() * - .ifAwsTagKeys() */ onReservedInstance(reservedCacheNodeId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type snapshot to the statement * * https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/WhatIs.Components.html#WhatIs.Components.Snapshots * * @param snapshotName - Identifier for the snapshotName. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsResourceTag() * - .ifAwsTagKeys() * - .ifKmsKeyId() */ onSnapshot(snapshotName: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type globalreplicationgroup to the statement * * https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/Redis-Global-Datastore.html * * @param globalReplicationGroupId - Identifier for the globalReplicationGroupId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAtRestEncryptionEnabled() * - .ifAuthTokenEnabled() * - .ifAutomaticFailoverEnabled() * - .ifCacheNodeType() * - .ifCacheParameterGroupName() * - .ifClusterModeEnabled() * - .ifEngineType() * - .ifEngineVersion() * - .ifKmsKeyId() * - .ifMultiAZEnabled() * - .ifNumNodeGroups() * - .ifReplicasPerNodeGroup() * - .ifSnapshotRetentionLimit() * - .ifTransitEncryptionEnabled() */ onGlobalreplicationgroup(globalReplicationGroupId: string, account?: string, partition?: string): this; /** * Adds a resource of type user to the statement * * https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/Clusters.RBAC.html * * @param userId - Identifier for the userId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsResourceTag() * - .ifAwsTagKeys() * - .ifUserAuthenticationMode() */ onUser(userId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type usergroup to the statement * * https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/Clusters.RBAC.html * * @param userGroupId - Identifier for the userGroupId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsResourceTag() * - .ifAwsTagKeys() */ onUsergroup(userGroupId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type serverlesscache to the statement * * https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/WhatIs.html * * @param serverlessCacheName - Identifier for the serverlessCacheName. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsResourceTag() * - .ifAwsTagKeys() * - .ifDataStorageUnit() * - .ifEngineType() * - .ifEngineVersion() * - .ifKmsKeyId() * - .ifMaximumDataStorage() * - .ifMaximumECPUPerSecond() * - .ifMinimumDataStorage() * - .ifMinimumECPUPerSecond() * - .ifSnapshotRetentionLimit() */ onServerlesscache(serverlessCacheName: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type serverlesscachesnapshot to the statement * * https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/WhatIs.html * * @param serverlessCacheSnapshotName - Identifier for the serverlessCacheSnapshotName. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsResourceTag() * - .ifAwsTagKeys() * - .ifKmsKeyId() */ onServerlesscachesnapshot(serverlessCacheSnapshotName: string, account?: string, region?: string, partition?: string): this; /** * Filters actions based on the tags that are passed in the request * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag * * Applies to actions: * - .toAddTagsToResource() * - .toCopyServerlessCacheSnapshot() * - .toCopySnapshot() * - .toCreateCacheCluster() * - .toCreateCacheParameterGroup() * - .toCreateCacheSecurityGroup() * - .toCreateCacheSubnetGroup() * - .toCreateReplicationGroup() * - .toCreateServerlessCache() * - .toCreateServerlessCacheSnapshot() * - .toCreateSnapshot() * - .toCreateUser() * - .toCreateUserGroup() * - .toPurchaseReservedCacheNodesOffering() * * Applies to resource types: * - parametergroup * - securitygroup * - subnetgroup * - replicationgroup * - cluster * - reserved-instance * - snapshot * - user * - usergroup * - serverlesscache * - serverlesscachesnapshot * * @param tagKey The tag key to check * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsRequestTag(tagKey: string, value: string | string[], operator?: Operator | string): this; /** * Filters actions based on the tags associated with the resource * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag * * Applies to actions: * - .toAddTagsToResource() * - .toAuthorizeCacheSecurityGroupIngress() * - .toBatchApplyUpdateAction() * - .toBatchStopUpdateAction() * - .toCompleteMigration() * - .toConnect() * - .toCopyServerlessCacheSnapshot() * - .toCopySnapshot() * - .toCreateCacheCluster() * - .toCreateCacheParameterGroup() * - .toCreateCacheSecurityGroup() * - .toCreateCacheSubnetGroup() * - .toCreateGlobalReplicationGroup() * - .toCreateReplicationGroup() * - .toCreateServerlessCache() * - .toCreateServerlessCacheSnapshot() * - .toCreateSnapshot() * - .toCreateUser() * - .toCreateUserGroup() * - .toDecreaseReplicaCount() * - .toDeleteCacheCluster() * - .toDeleteCacheParameterGroup() * - .toDeleteCacheSecurityGroup() * - .toDeleteCacheSubnetGroup() * - .toDeleteReplicationGroup() * - .toDeleteServerlessCache() * - .toDeleteServerlessCacheSnapshot() * - .toDeleteSnapshot() * - .toDeleteUser() * - .toDeleteUserGroup() * - .toDescribeCacheClusters() * - .toDescribeCacheParameterGroups() * - .toDescribeCacheParameters() * - .toDescribeCacheSecurityGroups() * - .toDescribeCacheSubnetGroups() * - .toDescribeReplicationGroups() * - .toDescribeReservedCacheNodes() * - .toDescribeServerlessCacheSnapshots() * - .toDescribeServerlessCaches() * - .toDescribeSnapshots() * - .toDescribeUpdateActions() * - .toDescribeUserGroups() * - .toDescribeUsers() * - .toExportServerlessCacheSnapshot() * - .toIncreaseReplicaCount() * - .toInterruptClusterAzPower() * - .toListAllowedNodeTypeModifications() * - .toListTagsForResource() * - .toModifyCacheCluster() * - .toModifyCacheParameterGroup() * - .toModifyCacheSubnetGroup() * - .toModifyReplicationGroup() * - .toModifyReplicationGroupShardConfiguration() * - .toModifyServerlessCache() * - .toModifyUser() * - .toModifyUserGroup() * - .toPurchaseReservedCacheNodesOffering() * - .toRebootCacheCluster() * - .toRemoveTagsFromResource() * - .toResetCacheParameterGroup() * - .toRevokeCacheSecurityGroupIngress() * - .toStartMigration() * - .toTestFailover() * - .toTestMigration() * * Applies to resource types: * - parametergroup * - securitygroup * - subnetgroup * - replicationgroup * - cluster * - reserved-instance * - snapshot * - user * - usergroup * - serverlesscache * - serverlesscachesnapshot * * @param tagKey The tag key to check * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsResourceTag(tagKey: string, value: string | string[], operator?: Operator | string): this; /** * Filters actions based on the tag keys that are passed in the request * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys * * Applies to actions: * - .toAddTagsToResource() * - .toCopyServerlessCacheSnapshot() * - .toCopySnapshot() * - .toCreateCacheCluster() * - .toCreateCacheParameterGroup() * - .toCreateCacheSecurityGroup() * - .toCreateCacheSubnetGroup() * - .toCreateReplicationGroup() * - .toCreateServerlessCache() * - .toCreateServerlessCacheSnapshot() * - .toCreateSnapshot() * - .toCreateUser() * - .toCreateUserGroup() * - .toPurchaseReservedCacheNodesOffering() * - .toRemoveTagsFromResource() * * Applies to resource types: * - parametergroup * - securitygroup * - subnetgroup * - replicationgroup * - cluster * - reserved-instance * - snapshot * - user * - usergroup * - serverlesscache * - serverlesscachesnapshot * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:**