cdk-iam-floyd
Version:
AWS IAM policy statement generator with fluent interface for AWS CDK
1,067 lines • 100 kB
JavaScript
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.Guardduty = void 0;
const shared_1 = require("../../shared");
/**
* Statement provider for service [guardduty](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonguardduty.html).
*
* @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement
*/
class Guardduty extends shared_1.PolicyStatement {
/**
* Grants permission to accept invitations to become a GuardDuty member account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_AcceptAdministratorInvitation.html
*/
toAcceptAdministratorInvitation() {
return this.to('AcceptAdministratorInvitation');
}
/**
* Grants permission to accept invitations to become a GuardDuty member account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_AcceptInvitation.html
*/
toAcceptInvitation() {
return this.to('AcceptInvitation');
}
/**
* Grants permission to archive GuardDuty findings
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ArchiveFindings.html
*/
toArchiveFindings() {
return this.to('ArchiveFindings');
}
/**
* Grants permission to create a detector
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsResourceTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateDetector.html
*/
toCreateDetector() {
return this.to('CreateDetector');
}
/**
* Grants permission to create GuardDuty filters. A filters defines finding attributes and conditions used to filter findings
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateFilter.html
*/
toCreateFilter() {
return this.to('CreateFilter');
}
/**
* Grants permission to create an IPSet
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsResourceTag()
* - .ifAwsTagKeys()
*
* Dependent actions:
* - iam:DeleteRolePolicy
* - iam:PutRolePolicy
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateIPSet.html
*/
toCreateIPSet() {
return this.to('CreateIPSet');
}
/**
* Grants permission to create a new Malware Protection plan
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsResourceTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateMalwareProtectionPlan.html
*/
toCreateMalwareProtectionPlan() {
return this.to('CreateMalwareProtectionPlan');
}
/**
* Grants permission to create GuardDuty member accounts, where the account used to create a member becomes the GuardDuty administrator account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateMembers.html
*/
toCreateMembers() {
return this.to('CreateMembers');
}
/**
* Grants permission to create a publishing destination
*
* Access Level: Write
*
* Dependent actions:
* - s3:GetObject
* - s3:ListBucket
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreatePublishingDestination.html
*/
toCreatePublishingDestination() {
return this.to('CreatePublishingDestination');
}
/**
* Grants permission to create sample findings
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateSampleFindings.html
*/
toCreateSampleFindings() {
return this.to('CreateSampleFindings');
}
/**
* Grants permission to create GuardDuty ThreatIntelSets, where a ThreatIntelSet consists of known malicious IP addresses used by GuardDuty to generate findings
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateThreatIntelSet.html
*/
toCreateThreatIntelSet() {
return this.to('CreateThreatIntelSet');
}
/**
* Grants permission to decline invitations to become a GuardDuty member account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeclineInvitations.html
*/
toDeclineInvitations() {
return this.to('DeclineInvitations');
}
/**
* Grants permission to delete GuardDuty detectors
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteDetector.html
*/
toDeleteDetector() {
return this.to('DeleteDetector');
}
/**
* Grants permission to delete GuardDuty filters
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteFilter.html
*/
toDeleteFilter() {
return this.to('DeleteFilter');
}
/**
* Grants permission to delete GuardDuty IPSets
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteIPSet.html
*/
toDeleteIPSet() {
return this.to('DeleteIPSet');
}
/**
* Grants permission to delete invitations to become a GuardDuty member account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteInvitations.html
*/
toDeleteInvitations() {
return this.to('DeleteInvitations');
}
/**
* Grants permission to delete a Malware Protection plan
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMalwareProtectionPlan.html
*/
toDeleteMalwareProtectionPlan() {
return this.to('DeleteMalwareProtectionPlan');
}
/**
* Grants permission to delete GuardDuty member accounts
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMembers.html
*/
toDeleteMembers() {
return this.to('DeleteMembers');
}
/**
* Grants permission to delete a publishing destination
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeletePublishingDestination.html
*/
toDeletePublishingDestination() {
return this.to('DeletePublishingDestination');
}
/**
* Grants permission to delete GuardDuty ThreatIntelSets
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteThreatIntelSet.html
*/
toDeleteThreatIntelSet() {
return this.to('DeleteThreatIntelSet');
}
/**
* Grants permission to retrieve details about malware scans
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DescribeMalwareScans.html
*/
toDescribeMalwareScans() {
return this.to('DescribeMalwareScans');
}
/**
* Grants permission to retrieve details about the delegated administrator associated with a GuardDuty detector
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DescribeOrganizationConfiguration.html
*/
toDescribeOrganizationConfiguration() {
return this.to('DescribeOrganizationConfiguration');
}
/**
* Grants permission to retrieve details about a publishing destination
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DescribePublishingDestination.html
*/
toDescribePublishingDestination() {
return this.to('DescribePublishingDestination');
}
/**
* Grants permission to disable the organization delegated administrator for GuardDuty
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DisableOrganizationAdminAccount.html
*/
toDisableOrganizationAdminAccount() {
return this.to('DisableOrganizationAdminAccount');
}
/**
* Grants permission to disassociate a GuardDuty member account from its GuardDuty administrator account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DisassociateFromAdministratorAccount.html
*/
toDisassociateFromAdministratorAccount() {
return this.to('DisassociateFromAdministratorAccount');
}
/**
* Grants permission to disassociate a GuardDuty member account from its GuardDuty administrator account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DisassociateFromMasterAccount.html
*/
toDisassociateFromMasterAccount() {
return this.to('DisassociateFromMasterAccount');
}
/**
* Grants permission to disassociate GuardDuty member accounts from their administrator GuardDuty account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DisassociateMembers.html
*/
toDisassociateMembers() {
return this.to('DisassociateMembers');
}
/**
* Grants permission to enable an organization delegated administrator for GuardDuty
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_EnableOrganizationAdminAccount.html
*/
toEnableOrganizationAdminAccount() {
return this.to('EnableOrganizationAdminAccount');
}
/**
* Grants permission to retrieve details of the GuardDuty administrator account associated with a member account
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetAdministratorAccount.html
*/
toGetAdministratorAccount() {
return this.to('GetAdministratorAccount');
}
/**
* Grants permission to list Amazon GuardDuty coverage statistics for the specified GuardDuty account in a Region
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetCoverageStatistics.html
*/
toGetCoverageStatistics() {
return this.to('GetCoverageStatistics');
}
/**
* Grants permission to retrieve GuardDuty detectors
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetDetector.html
*/
toGetDetector() {
return this.to('GetDetector');
}
/**
* Grants permission to retrieve GuardDuty filters
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetFilter.html
*/
toGetFilter() {
return this.to('GetFilter');
}
/**
* Grants permission to retrieve GuardDuty findings
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetFindings.html
*/
toGetFindings() {
return this.to('GetFindings');
}
/**
* Grants permission to retrieve a list of GuardDuty finding statistics
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetFindingsStatistics.html
*/
toGetFindingsStatistics() {
return this.to('GetFindingsStatistics');
}
/**
* Grants permission to retrieve GuardDuty IPSets
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetIPSet.html
*/
toGetIPSet() {
return this.to('GetIPSet');
}
/**
* Grants permission to retrieve the count of all GuardDuty invitations sent to a specified account, which does not include the accepted invitation
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetInvitationsCount.html
*/
toGetInvitationsCount() {
return this.to('GetInvitationsCount');
}
/**
* Grants permission to retrieve a Malware Protection plan details
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetMalwareProtectionPlan.html
*/
toGetMalwareProtectionPlan() {
return this.to('GetMalwareProtectionPlan');
}
/**
* Grants permission to retrieve the malware scan settings
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetMalwareScanSettings.html
*/
toGetMalwareScanSettings() {
return this.to('GetMalwareScanSettings');
}
/**
* Grants permission to retrieve details of the GuardDuty administrator account associated with a member account
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetMasterAccount.html
*/
toGetMasterAccount() {
return this.to('GetMasterAccount');
}
/**
* Grants permission to describe which data sources are enabled for member accounts detectors
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetMemberDetectors.html
*/
toGetMemberDetectors() {
return this.to('GetMemberDetectors');
}
/**
* Grants permission to retrieve the member accounts associated with an administrator account
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetMembers.html
*/
toGetMembers() {
return this.to('GetMembers');
}
/**
* Grants permission to retrieve GuardDuty protection plan coverage statistics for member accounts in a Region
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetOrganizationStatistics.html
*/
toGetOrganizationStatistics() {
return this.to('GetOrganizationStatistics');
}
/**
* Grants permission to provide the number of days left for each data source used in the free trial period
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetRemainingFreeTrialDays.html
*/
toGetRemainingFreeTrialDays() {
return this.to('GetRemainingFreeTrialDays');
}
/**
* Grants permission to retrieve GuardDuty ThreatIntelSets
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetThreatIntelSet.html
*/
toGetThreatIntelSet() {
return this.to('GetThreatIntelSet');
}
/**
* Grants permission to list Amazon GuardDuty usage statistics over the last 30 days for the specified detector ID
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetUsageStatistics.html
*/
toGetUsageStatistics() {
return this.to('GetUsageStatistics');
}
/**
* Grants permission to invite other AWS accounts to enable GuardDuty and become GuardDuty member accounts
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_InviteMembers.html
*/
toInviteMembers() {
return this.to('InviteMembers');
}
/**
* Grants permission to list all the resource details for a given account in a Region
*
* Access Level: List
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListCoverage.html
*/
toListCoverage() {
return this.to('ListCoverage');
}
/**
* Grants permission to retrieve a list of GuardDuty detectors
*
* Access Level: List
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html
*/
toListDetectors() {
return this.to('ListDetectors');
}
/**
* Grants permission to retrieve a list of GuardDuty filters
*
* Access Level: List
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListFilters.html
*/
toListFilters() {
return this.to('ListFilters');
}
/**
* Grants permission to retrieve a list of GuardDuty findings
*
* Access Level: List
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListFindings.html
*/
toListFindings() {
return this.to('ListFindings');
}
/**
* Grants permission to retrieve a list of GuardDuty IPSets
*
* Access Level: List
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListIPSets.html
*/
toListIPSets() {
return this.to('ListIPSets');
}
/**
* Grants permission to retrieve a list of all of the GuardDuty membership invitations that were sent to an AWS account
*
* Access Level: List
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListInvitations.html
*/
toListInvitations() {
return this.to('ListInvitations');
}
/**
* Grants permission to retrieve a list of Malware Protection plans
*
* Access Level: List
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListMalwareProtectionPlans.html
*/
toListMalwareProtectionPlans() {
return this.to('ListMalwareProtectionPlans');
}
/**
* Grants permission to retrieve a list of GuardDuty member accounts associated with an administrator account
*
* Access Level: List
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListMembers.html
*/
toListMembers() {
return this.to('ListMembers');
}
/**
* Grants permission to list details about the organization delegated administrator for GuardDuty
*
* Access Level: List
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListOrganizationAdminAccounts.html
*/
toListOrganizationAdminAccounts() {
return this.to('ListOrganizationAdminAccounts');
}
/**
* Grants permission to retrieve a list of publishing destinations
*
* Access Level: List
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListPublishingDestinations.html
*/
toListPublishingDestinations() {
return this.to('ListPublishingDestinations');
}
/**
* Grants permission to retrieve a list of tags associated with a GuardDuty resource
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListTagsForResource.html
*/
toListTagsForResource() {
return this.to('ListTagsForResource');
}
/**
* Grants permission to retrieve a list of GuardDuty ThreatIntelSets
*
* Access Level: List
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListThreatIntelSets.html
*/
toListThreatIntelSets() {
return this.to('ListThreatIntelSets');
}
/**
* Grants permission to send security telemetry for a specific GuardDuty account in a Region
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_SendSecurityTelemetry.html
*/
toSendSecurityTelemetry() {
return this.to('SendSecurityTelemetry');
}
/**
* Grants permission to initiate a new malware scan
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_StartMalwareScan.html
*/
toStartMalwareScan() {
return this.to('StartMalwareScan');
}
/**
* Grants permission to a GuardDuty administrator account to monitor findings from GuardDuty member accounts
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_StartMonitoringMembers.html
*/
toStartMonitoringMembers() {
return this.to('StartMonitoringMembers');
}
/**
* Grants permission to disable monitoring findings from member accounts
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_StopMonitoringMembers.html
*/
toStopMonitoringMembers() {
return this.to('StopMonitoringMembers');
}
/**
* Grants permission to add tags to a GuardDuty resource
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_TagResource.html
*/
toTagResource() {
return this.to('TagResource');
}
/**
* Grants permission to unarchive GuardDuty findings
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UnarchiveFindings.html
*/
toUnarchiveFindings() {
return this.to('UnarchiveFindings');
}
/**
* Grants permission to remove tags from a GuardDuty resource
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UntagResource.html
*/
toUntagResource() {
return this.to('UntagResource');
}
/**
* Grants permission to update GuardDuty detectors
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateDetector.html
*/
toUpdateDetector() {
return this.to('UpdateDetector');
}
/**
* Grants permission to updates GuardDuty filters
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateFilter.html
*/
toUpdateFilter() {
return this.to('UpdateFilter');
}
/**
* Grants permission to update findings feedback to mark GuardDuty findings as useful or not useful
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateFindingsFeedback.html
*/
toUpdateFindingsFeedback() {
return this.to('UpdateFindingsFeedback');
}
/**
* Grants permission to update GuardDuty IPSets
*
* Access Level: Write
*
* Dependent actions:
* - iam:DeleteRolePolicy
* - iam:PutRolePolicy
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateIPSet.html
*/
toUpdateIPSet() {
return this.to('UpdateIPSet');
}
/**
* Grants permission to update the Malware Protection plan
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateMalwareProtectionPlan.html
*/
toUpdateMalwareProtectionPlan() {
return this.to('UpdateMalwareProtectionPlan');
}
/**
* Grants permission to update the malware scan settings
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateMalwareScanSettings.html
*/
toUpdateMalwareScanSettings() {
return this.to('UpdateMalwareScanSettings');
}
/**
* Grants permission to update which data sources are enabled for member accounts detectors
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateMemberDetectors.html
*/
toUpdateMemberDetectors() {
return this.to('UpdateMemberDetectors');
}
/**
* Grants permission to update the delegated administrator configuration associated with a GuardDuty detector
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateOrganizationConfiguration.html
*/
toUpdateOrganizationConfiguration() {
return this.to('UpdateOrganizationConfiguration');
}
/**
* Grants permission to update a publishing destination
*
* Access Level: Write
*
* Dependent actions:
* - s3:GetObject
* - s3:ListBucket
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdatePublishingDestination.html
*/
toUpdatePublishingDestination() {
return this.to('UpdatePublishingDestination');
}
/**
* Grants permission to updates the GuardDuty ThreatIntelSets
*
* Access Level: Write
*
* Dependent actions:
* - iam:DeleteRolePolicy
* - iam:PutRolePolicy
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateThreatIntelSet.html
*/
toUpdateThreatIntelSet() {
return this.to('UpdateThreatIntelSet');
}
/**
* Adds a resource of type detector to the statement
*
* https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_managing_access.html#guardduty-resources
*
* @param detectorId - Identifier for the detectorId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onDetector(detectorId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:guardduty:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:detector/${detectorId}`);
}
/**
* Adds a resource of type filter to the statement
*
* https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_managing_access.html#guardduty-resources
*
* @param detectorId - Identifier for the detectorId.
* @param filterName - Identifier for the filterName.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onFilter(detectorId, filterName, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:guardduty:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:detector/${detectorId}/filter/${filterName}`);
}
/**
* Adds a resource of type ipset to the statement
*
* https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_managing_access.html#guardduty-resources
*
* @param detectorId - Identifier for the detectorId.
* @param iPSetId - Identifier for the iPSetId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onIpset(detectorId, iPSetId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:guardduty:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:detector/${detectorId}/ipset/${iPSetId}`);
}
/**
* Adds a resource of type threatintelset to the statement
*
* https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_managing_access.html#guardduty-resources
*
* @param detectorId - Identifier for the detectorId.
* @param threatIntelSetId - Identifier for the threatIntelSetId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onThreatintelset(detectorId, threatIntelSetId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:guardduty:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:detector/${detectorId}/threatintelset/${threatIntelSetId}`);
}
/**
* Adds a resource of type publishingDestination to the statement
*
* https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_managing_access.html#guardduty-resources
*
* @param detectorId - Identifier for the detectorId.
* @param publishingDestinationId - Identifier for the publishingDestinationId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*/
onPublishingDestination(detectorId, publishingDestinationId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:guardduty:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:detector/${detectorId}/publishingDestination/${publishingDestinationId}`);
}
/**
* Adds a resource of type malwareprotectionplan to the statement
*
* https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_managing_access.html#guardduty-resources
*
* @param malwareProtectionPlanId - Identifier for the malwareProtectionPlanId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onMalwareprotectionplan(malwareProtectionPlanId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:guardduty:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:malware-protection-plan/${malwareProtectionPlanId}`);
}
/**
* Filters access by tag key-value pairs in the request
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag
*
* Applies to actions:
* - .toCreateDetector()
* - .toCreateFilter()
* - .toCreateIPSet()
* - .toCreateMalwareProtectionPlan()
* - .toCreateThreatIntelSet()
* - .toTagResource()
*
* @param tagKey The tag key to check
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsRequestTag(tagKey, value, operator) {
return this.if(`aws:RequestTag/${tagKey}`, value, operator ?? 'StringLike');
}
/**
* Filters access by tag key-value pairs attached to the resource
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag
*
* Applies to actions:
* - .toCreateDetector()
* - .toCreateIPSet()
* - .toCreateMalwareProtectionPlan()
*
* Applies to resource types:
* - detector
* - filter
* - ipset
* - threatintelset
* - malwareprotectionplan
*
* @param tagKey The tag key to check
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsResourceTag(tagKey, value, operator) {
return this.if(`aws:ResourceTag/${tagKey}`, value, operator ?? 'StringLike');
}
/**
* Filters access by tag keys in the request
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys
*
* Applies to actions:
* - .toCreateDetector()
* - .toCreateFilter()
* - .toCreateIPSet()
* - .toCreateMalwareProtectionPlan()
* - .toCreateThreatIntelSet()
* - .toTagResource()
* - .toUntagResource()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsTagKeys(value, operator) {
return this.if(`aws:TagKeys`, value, operator ?? 'StringLike');
}
/**
* Statement provider for service [guardduty](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonguardduty.html).
*
*/
constructor(props) {
super(props);
this.servicePrefix = 'guardduty';
this.accessLevelList = {
Write: [
'AcceptAdministratorInvitation',
'AcceptInvitation',
'ArchiveFindings',
'CreateDetector',
'CreateFilter',
'CreateIPSet',
'CreateMalwareProtectionPlan',
'CreateMembers',
'CreatePublishingDestination',
'CreateSampleFindings',
'CreateThreatIntelSet',
'DeclineInvitations',
'DeleteDetector',
'DeleteFilter',
'DeleteIPSet',
'DeleteInvitations',
'DeleteMalwareProtectionPlan',
'DeleteMembers',
'DeletePublishingDestination',
'DeleteThreatIntelSet',
'DisableOrganizationAdminAccount',
'DisassociateFromAdministratorAccount',
'DisassociateFromMasterAccount',
'DisassociateMembers',
'EnableOrganizationAdminAccount',
'InviteMembers',
'SendSecurityTelemetry',
'StartMalwareScan',
'StartMonitoringMembers',
'StopMonitoringMembers',
'UnarchiveFindings',
'UpdateDetector',
'UpdateFilter',
'UpdateFindingsFeedback',
'UpdateIPSet',
'UpdateMalwareProtectionPlan',
'UpdateMalwareScanSettings',
'UpdateMemberDetectors',
'UpdateOrganizationConfiguration',
'UpdatePublishingDestination',
'UpdateThreatIntelSet'
],
Read: [
'DescribeMalwareScans',
'DescribeOrganizationConfiguration',
'DescribePublishingDestination',
'GetAdministratorAccount',
'GetCoverageStatistics',
'GetDetector',
'GetFilter',
'GetFindings',
'GetFindingsStatistics',
'GetIPSet',
'GetInvitationsCount',
'GetMalwareProtectionPlan',
'GetMalwareScanSettings',
'GetMasterAccount',
'GetMemberDetectors',
'GetMembers',
'GetOrganizationStatistics',
'GetRemainingFreeTrialDays',
'GetThreatIntelSet',
'GetUsageStatistics',
'ListTagsForResource'
],
List: [
'ListCoverage',
'ListDetectors',
'ListFilters',
'ListFindings',
'ListIPSets',
'ListInvitations',
'ListMalwareProtectionPlans',
'ListMembers',
'ListOrganizationAdminAccounts',
'ListPublishingDestinations',
'ListThreatIntelSets'
],
Tagging: [
'TagResource',
'UntagResource'
]
};
}
}
exports.Guardduty = Guardduty;
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZ3VhcmRkdXR5LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiZ3VhcmRkdXR5LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUNBLHlDQUF5RDtBQUd6RDs7OztHQUlHO0FBQ0gsTUFBYSxTQUFVLFNBQVEsd0JBQWU7SUFHNUM7Ozs7OztPQU1HO0lBQ0ksK0JBQStCO1FBQ3BDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQywrQkFBK0IsQ0FBQyxDQUFDO0lBQ2xELENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxrQkFBa0I7UUFDdkIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGtCQUFrQixDQUFDLENBQUM7SUFDckMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGlCQUFpQjtRQUN0QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsaUJBQWlCLENBQUMsQ0FBQztJQUNwQyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7O09BV0c7SUFDSSxnQkFBZ0I7UUFDckIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGdCQUFnQixDQUFDLENBQUM7SUFDbkMsQ0FBQztJQUVEOzs7Ozs7Ozs7O09BVUc7SUFDSSxjQUFjO1FBQ25CLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxjQUFjLENBQUMsQ0FBQztJQUNqQyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7Ozs7OztPQWVHO0lBQ0ksYUFBYTtRQUNsQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsYUFBYSxDQUFDLENBQUM7SUFDaEMsQ0FBQztJQUVEOzs7Ozs7Ozs7OztPQVdHO0lBQ0ksNkJBQTZCO1FBQ2xDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyw2QkFBNkIsQ0FBQyxDQUFDO0lBQ2hELENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxlQUFlO1FBQ3BCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxlQUFlLENBQUMsQ0FBQztJQUNsQyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7T0FVRztJQUNJLDZCQUE2QjtRQUNsQyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsNkJBQTZCLENBQUMsQ0FBQztJQUNoRCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksc0JBQXNCO1FBQzNCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxzQkFBc0IsQ0FBQyxDQUFDO0lBQ3pDLENBQUM7SUFFRDs7Ozs7Ozs7OztPQVVHO0lBQ0ksc0JBQXNCO1FBQzNCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxzQkFBc0IsQ0FBQyxDQUFDO0lBQ3pDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxvQkFBb0I7UUFDekIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLG9CQUFvQixDQUFDLENBQUM7SUFDdkMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGdCQUFnQjtRQUNyQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsZ0JBQWdCLENBQUMsQ0FBQztJQUNuQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksY0FBYztRQUNuQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsY0FBYyxDQUFDLENBQUM7SUFDakMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGFBQWE7UUFDbEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGFBQWEsQ0FBQyxDQUFDO0lBQ2hDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxtQkFBbUI7UUFDeEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLG1CQUFtQixDQUFDLENBQUM7SUFDdEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLDZCQUE2QjtRQUNsQyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsNkJBQTZCLENBQUMsQ0FBQztJQUNoRCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksZUFBZTtRQUNwQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsZUFBZSxDQUFDLENBQUM7SUFDbEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLDZCQUE2QjtRQUNsQyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsNkJBQTZCLENBQUMsQ0FBQztJQUNoRCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksc0JBQXNCO1FBQzNCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxzQkFBc0IsQ0FBQyxDQUFDO0lBQ3pDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxzQkFBc0I7UUFDM0IsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHNCQUFzQixDQUFDLENBQUM7SUFDekMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLG1DQUFtQztRQUN4QyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsbUNBQW1DLENBQUMsQ0FBQztJQUN0RCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksK0JBQStCO1FBQ3BDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQywrQkFBK0IsQ0FBQyxDQUFDO0lBQ2xELENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxpQ0FBaUM7UUFDdEMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGlDQUFpQyxDQUFDLENBQUM7SUFDcEQsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLHNDQUFzQztRQUMzQyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsc0NBQXNDLENBQUMsQ0FBQztJQUN6RCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksK0JBQStCO1FBQ3BDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQywrQkFBK0IsQ0FBQyxDQUFDO0lBQ2xELENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxxQkFBcUI7UUFDMUIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHFCQUFxQixDQUFDLENBQUM7SUFDeEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGdDQUFnQztRQUNyQyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsZ0NBQWdDLENBQUMsQ0FBQztJQUNuRCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0kseUJBQXlCO1FBQzlCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyx5QkFBeUIsQ0FBQyxDQUFDO0lBQzVDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSx1QkFBdUI7UUFDNUIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHVCQUF1QixDQUFDLENBQUM7SUFDMUMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGFBQWE7UUFDbEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGFBQWEsQ0FBQyxDQUFDO0lBQ2hDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxXQUFXO1FBQ2hCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxXQUFXLENBQUMsQ0FBQztJQUM5QixDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksYUFBYTtRQUNsQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsYUFBYSxDQUFDLENBQUM7SUFDaEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLHVCQUF1QjtRQUM1QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsdUJBQXVCLENBQUMsQ0FBQztJQUMxQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksVUFBVTtRQUNmLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxVQUFVLENBQUMsQ0FBQztJQUM3QixDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0kscUJBQXFCO1FBQzFCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxxQkFBcUIsQ0FBQyxDQUFDO0lBQ3hDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSwwQkFBMEI7UUFDL0IsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLDBCQUEwQixDQUFDLENBQUM7SUFDN0MsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLHdCQUF3QjtRQUM3QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsd0JBQXdCLENBQUMsQ0FBQztJQUMzQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksa0JBQWtCO1FBQ3ZCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxrQkFBa0IsQ0FBQyxDQUFDO0lBQ3JDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxvQkFBb0I7UUFDekIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLG9CQUFvQixDQUFDLENBQUM7SUFDdkMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLFlBQVk7UUFDakIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLFlBQVksQ0FBQyxDQUFDO0lBQy9CLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSwyQkFBMkI7UUFDaEMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLDJCQUEyQixDQUFDLENBQUM7SUFDOUMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLDJCQUEyQjtRQUNoQyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsMkJBQTJCLENBQUMsQ0FBQztJQUM5QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksbUJBQW1CO1FBQ3hCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxtQkFBbUIsQ0FBQyxDQUFDO0lBQ3RDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxvQkFBb0I7UUFDekIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLG9CQUFvQixDQUFDLENBQUM7SUFDdkMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGVBQWU7UUFDcEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGVBQWUsQ0FBQyxDQUFDO0lBQ2xDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxjQUFjO1FBQ25CLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxjQUFjLENBQUMsQ0FBQztJQUNqQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksZUFBZTtRQUNwQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsZUFBZSxDQUFDLENBQUM7SUFDbEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGFBQWE7UUFDbEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGFBQWEsQ0FBQyxDQUFDO0lBQ2hDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxjQUFjO1FBQ25CLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxjQUFjLENBQUMsQ0FBQztJQUNqQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksWUFBWTtRQUNqQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsWUFBWSxDQUFDLENBQUM7SUFDL0IsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGlCQUFpQjtRQUN0QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsaUJBQWlCLENBQUMsQ0FBQztJQUNwQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksNEJBQTRCO1FBQ2pDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyw0QkFBNEIsQ0FBQyxDQUFDO0lBQy9DLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxhQUFhO1FBQ2xCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxhQUFhLENBQUMsQ0FBQztJQUNoQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksK0JBQStCO1FBQ3BDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQywrQkFBK0IsQ0FBQyxDQUFDO0lBQ2xELENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSw0QkFBNEI7UUFDakMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLDRCQUE0QixDQUFDLENBQUM7SUFDL0MsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLHFCQUFxQjtRQUMxQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMscUJBQXFCLENBQUMsQ0FBQztJQUN4QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0kscUJBQXFCO1FBQzFCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxxQkFBcUIsQ0FBQyxDQUFDO0lBQ3hDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSx1QkFBdUI7UUFDNUIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHVCQUF1QixDQUFDLENBQUM7SUFDMUMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGtCQUFrQjtRQUN2QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsa0JBQWtCLENBQUMsQ0FBQztJQUNyQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksd0JBQXdCO1FBQzdCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyx3QkFBd0IsQ0FBQyxDQUFDO0lBQzNDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSx1QkFBdUI7UUFDNUIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHVCQUF1QixDQUFDLENBQUM7SUFDMUMsQ0FBQztJQUVEOzs7Ozs7Ozs7O09BVUc7SUFDSSxhQUFhO1FBQ2xCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxhQUFhLENBQUMsQ0FBQztJQUNoQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksbUJBQW1CO1FBQ3hCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxtQkFBbUIsQ0FBQyxDQUFDO0lBQ3RDLENBQUM7SUFFRDs7Ozs7Ozs7O09BU0c7SUFDSSxlQUFlO1FBQ3BCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxlQUFlLENBQUMsQ0FBQztJQUNsQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksZ0JBQWdCO1FBQ3JCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDO0lBQ25DLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxjQUFjO1FBQ25CLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxjQUFjLENBQUMsQ0FBQztJQUNqQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksd0JBQXdCO1FBQzdCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyx3QkFBd0IsQ0FBQyxDQUFDO0lBQzNDLENBQUM7SUFFRDs7Ozs7Ozs7OztPQVVHO0lBQ0ksYUFBYTtRQUNsQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsYUFBYSxDQUFDLENBQUM7SUFDaEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLDZCQUE2QjtRQUNsQyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsNkJBQTZCLENBQUMsQ0FBQztJQUNoRCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksMkJBQTJCO1FBQ2hDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQywyQkFBMkIsQ0FBQyxDQUFDO0lBQzlDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSx1QkFBdUI7UUFDNUIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHVCQUF1QixDQUFDLENBQUM7SUFDMUMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGlDQUFpQztRQUN0QyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsaUNBQWlDLENBQUMsQ0FBQztJQUNwRCxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7T0FVRztJQUNJLDZCQUE2QjtRQUNsQyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsNkJBQTZCLENBQUMsQ0FBQztJQUNoRCxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7T0FVRztJQUNJLHNCQUFzQjtRQUMzQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsc0JBQXNCLENBQUMsQ0FBQztJQUN6QyxDQUFDO0lBd0ZEOzs7Ozs7Ozs7Ozs7T0FZRztJQUNJLFVBQVUsQ0FBQyxVQUFrQixFQUFFLE9BQWdCLEVBQUUsTUFBZSxFQUFFLFNBQWtCO1FBQ3pGLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxPQUFRLFNBQVMsSUFBSSxJQUFJLENBQUMsZ0JBQWlCLGNBQWUsTUFBTSxJQUFJLElBQUksQ0FBQyxhQUFjLElBQUssT0FBTyxJQUFJLElBQUksQ0FBQyxjQUFlLGFBQWMsVUFBVyxFQUFFLENBQUMsQ0FBQztJQUN6SyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7Ozs7T0FhRztJQUNJLFFBQVEsQ0FBQyxVQUFrQixFQUFFLFVBQWtCLEVBQUUsT0FBZ0IsRUFBRSxNQUFlLEVBQUUsU0FBa0I7UUFDM0csT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLE9BQVEsU0FBUyxJQUFJLElBQUksQ0FBQyxnQkFBaUIsY0FBZSxNQUFNLElBQUksSUFBSSxDQUFDLGFBQWMsSUFBSyxPQUFPLElBQUksSUFBSSxDQUFDLGNBQWUsYUFBYyxVQUFXLFdBQVksVUFBVyxFQUFFLENBQUMsQ0FBQztJQUNoTSxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7Ozs7T0FhRztJQUNJLE9BQU8sQ0FBQyxVQUFrQixFQUFFLE9BQWUsRUFBRSxPQUFnQixFQUFFLE1BQWUsRUFBRSxTQUFrQjtRQUN2RyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsT0FBUSxTQUFTLElBQUksSUFBSSxDQUFDLGdCQUFpQixjQUFlLE1BQU0sSUFBSSxJQUFJLENBQUMsYUFBYyxJQUFLLE9BQU8sSUFBSSxJQUFJLENBQUMsY0FBZSxhQUFjLFVBQVcsVUFBVyxPQUFRLEVBQUUsQ0FBQyxDQUFDO0lBQzVMLENBQUM7SUFFRDs7Ozs7Ozs7Ozs7OztPQWFHO0lBQ0ksZ0JBQWdCLENBQUMsVUFBa0IsRUFBRSxnQkFBd0IsRUFBRSxPQUFnQixFQUFFLE1BQWUsRUFBRSxTQUFrQjtRQUN6SCxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsT0FBUSxTQUFTLElBQUksSUFBSSxDQUFDLGdCQUFpQixjQUFlLE1BQU0sSUFBSSxJQUFJLENBQUMsYUFBYyxJQUFLLE9BQU8sSUFBSSxJQUFJLENBQUMsY0FBZSxhQUFjLFVBQVcsbUJBQW9CLGdCQUFpQixFQUFFLENBQUMsQ0FBQztJQUM5TSxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7T0FVRztJQUNJLHVCQUF1QixDQUFDLFVBQWtCLEVBQUUsdUJBQStCLEVBQUUsT0FBZ0IsRUFBRSxNQUFlLEVBQUUsU0FBa0I7UUFDdkksT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLE9BQVEsU0FBUyxJQUFJLElBQUksQ0FBQyxnQkFBaUIsY0FBZSxNQUFNLElBQUksSUFBSSxDQUFDLGFBQWMsSUFBSyxPQUFPLElBQUksSUFBSSxDQUFDLGNBQWUsYUFBYyxVQUFXLDBCQUEyQix1QkFBd0IsRUFBRSxDQUFDLENBQUM7SUFDNU4sQ0FBQztJQUVEOzs7Ozs7Ozs7Ozs7T0FZRztJQUNJLHVCQUF1QixDQUFDLHVCQUErQixFQUFFLE9BQWdCLEVBQUUsTUFBZSxFQUFFLFNBQWtCO1FBQ25ILE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxPQUFRLFNBQVMsSUFBSSxJQUFJLENBQUMsZ0JBQWlCLGNBQWUsTUFBTSxJQUFJLElBQUksQ0FBQyxhQUFjLElBQUssT0FBTyxJQUFJLElBQUksQ0FBQyxjQUFlLDRCQUE2Qix1QkFBd0IsRUFBRSxDQUFDLENBQUM7SUFDck0sQ0FBQztJQUVEOzs7Ozs7Ozs7Ozs7Ozs7O09BZ0JHO0lBQ0ksZUFBZSxDQUFDLE1BQWMsRUFBRSxLQUF3QixFQUFFLFFBQTRCO1FBQzNGLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxrQkFBbUIsTUFBTyxFQUFFLEVBQUUsS0FBSyxFQUFFLFFBQVEsSUFBSSxZQUFZLENBQUMsQ0FBQztJQUNoRixDQUFDO0lBRUQ7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O09Bb0JHO0lBQ0ksZ0JBQWdCLENBQUMsTUFBYyxFQUFFLEtBQXdCLEVBQUUsUUFBNEI7UUFDNUYsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLG1CQUFvQixNQUFPLEVBQUUsRUFBRSxLQUFLLEVBQUUsUUFBUSxJQUFJLFlBQVksQ0FBQyxDQUFDO0lBQ2pGLENBQUM7SUFFRDs7Ozs7Ozs7Ozs7Ozs7OztPQWdCRztJQUNJLFlBQVksQ0FBQyxLQUF3QixFQUFFLFFBQTRCO1FBQ3hFLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxhQUFhLEVBQUUsS0FBSyxFQUFFLFFBQVEsSUFBSSxZQUFZLENBQUMsQ0FBQztJQUNqRSxDQUFDO0lBRUQ7OztPQUdHO0lBQ0gsWUFBWSxLQUFnQztRQUMxQyxLQUFLLENBQUMsS0FBSyxDQUFDLENBQUM7UUFsbkNSLGtCQUFhLEdBQUcsV0FBVyxDQUFDO1FBNjJCekIsb0JBQWUsR0FBb0I7WUFDM0MsS0FBSyxFQUFFO2dCQUNMLCtCQUErQjtnQkFDL0Isa0JBQWtCO2dCQUNsQixpQkFBaUI7Z0JBQ2pCLGdCQUFnQjtnQkFDaEIsY0FBYztnQkFDZCxhQUFhO2dCQUNiLDZCQUE2QjtnQkFDN0IsZUFBZTtnQkFDZiw2QkFBNkI7Z0JBQzdCLHNCQUFzQjtnQkFDdEIsc0JBQXNCO2dCQUN0QixvQkFBb0I7Z0JBQ3BCLGdCQUFnQjtnQkFDaEIsY0FBYztnQkFDZCxhQUFhO2dCQUNiLG1CQUFtQjtnQkFDbkIsNkJBQTZCO2dCQUM3QixlQUFlO2dCQUNmLDZCQUE2QjtnQkFDN0Isc0JBQXNCO2dCQUN0QixpQ0FBaUM7Z0JBQ2pDLHNDQUFzQztnQkFDdEMsK0JBQStCO2dCQUMvQixxQkFBcUI7Z0JBQ3JCLGdDQUFnQztnQkFDaEMsZUFBZTtnQkFDZix1QkFBdUI7Z0JBQ3ZCLGtCQUFrQjtnQkFDbEIsd0JBQXdCO2dCQUN4Qix1QkFBdUI7Z0JBQ3ZCLG1CQUFtQjtnQkFDbkIsZ0JBQWdCO2dCQUNoQixjQUFjO2dCQUNkLHdCQUF3QjtnQkFDeEIsYUFBYTtn