cdk-iam-floyd

import { AccessLevelList } from '../../shared/access-level'; import { PolicyStatement, Operator } from '../../shared'; import { aws_iam as iam } from "aws-cdk-lib"; /** * Statement provider for service [iotfleetwise](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotfleetwise.html). * * @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement */ export declare class Iotfleetwise extends PolicyStatement { servicePrefix: string; /** * Grants permission to associate the given vehicle to a fleet * * Access Level: Write * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_AssociateVehicleFleet.html */ toAssociateVehicleFleet(): this; /** * Grants permission to create a batch of vehicles * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * Dependent actions: * - iot:CreateThing * - iot:DescribeThing * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_BatchCreateVehicle.html */ toBatchCreateVehicle(): this; /** * Grants permission to update a batch of vehicles * * Access Level: Write * * Possible conditions: * - .ifUpdateToModelManifestArn() * - .ifUpdateToDecoderManifestArn() * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_BatchUpdateVehicle.html */ toBatchUpdateVehicle(): this; /** * Grants permission to create a campaign * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * - .ifDestinationArn() * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_CreateCampaign.html */ toCreateCampaign(): this; /** * Grants permission to create a decoder manifest for an existing model * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_CreateDecoderManifest.html */ toCreateDecoderManifest(): this; /** * Grants permission to create a fleet * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_CreateFleet.html */ toCreateFleet(): this; /** * Grants permission to create a model manifest definition * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_CreateModelManifest.html */ toCreateModelManifest(): this; /** * Grants permission to create a signal catalog * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_CreateSignalCatalog.html */ toCreateSignalCatalog(): this; /** * Grants permission to create a state template * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_CreateStateTemplate.html */ toCreateStateTemplate(): this; /** * Grants permission to create a vehicle * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * Dependent actions: * - iot:CreateThing * - iot:DescribeThing * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_CreateVehicle.html */ toCreateVehicle(): this; /** * Grants permission to delete a campaign * * Access Level: Write * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_DeleteCampaign.html */ toDeleteCampaign(): this; /** * Grants permission to delete the given decoder manifest * * Access Level: Write * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_DeleteDecoderManifest.html */ toDeleteDecoderManifest(): this; /** * Grants permission to delete a fleet * * Access Level: Write * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_DeleteFleet.html */ toDeleteFleet(): this; /** * Grants permission to delete the given model manifest * * Access Level: Write * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_DeleteModelManifest.html */ toDeleteModelManifest(): this; /** * Grants permission to delete a specific signal catalog * * Access Level: Write * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_DeleteSignalCatalog.html */ toDeleteSignalCatalog(): this; /** * Grants permission to delete a state template * * Access Level: Write * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_DeleteStateTemplate.html */ toDeleteStateTemplate(): this; /** * Grants permission to delete a vehicle * * Access Level: Write * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_DeleteVehicle.html */ toDeleteVehicle(): this; /** * Grants permission to disassociate a vehicle from an existing fleet * * Access Level: Write * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_DisassociateVehicleFleet.html */ toDisassociateVehicleFleet(): this; /** * Grants permission to generate the payload for running a command on a vehicle * * Access Level: Permissions management * * Possible conditions: * - .ifSignals() * * https://docs.aws.amazon.com/iot-fleetwise/latest/developerguide/controlling-access.html#generate-command-payload */ toGenerateCommandPayload(): this; /** * Grants permission to get summary information for a given campaign * * Access Level: Read * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_GetCampaign.html */ toGetCampaign(): this; /** * Grants permission to get summary information for a given decoder manifest definition * * Access Level: Read * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_GetDecoderManifest.html */ toGetDecoderManifest(): this; /** * Grants permission to get KMS-based encryption status for the AWS account * * Access Level: Read * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_GetEncryptionConfiguration.html */ toGetEncryptionConfiguration(): this; /** * Grants permission to get summary information for a fleet * * Access Level: Read * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_GetFleet.html */ toGetFleet(): this; /** * Grants permission to get the logging options for the AWS account * * Access Level: Read * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_GetLoggingOptions.html */ toGetLoggingOptions(): this; /** * Grants permission to get summary information for a given model manifest definition * * Access Level: Read * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_GetModelManifest.html */ toGetModelManifest(): this; /** * Grants permission to get the account registration status with IoT FleetWise * * Access Level: Read * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_GetRegisterAccountStatus.html */ toGetRegisterAccountStatus(): this; /** * Grants permission to get summary information for a specific signal catalog * * Access Level: Read * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_GetSignalCatalog.html */ toGetSignalCatalog(): this; /** * Grants permission to get summary information for a given state template * * Access Level: Read * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_GetStateTemplate.html */ toGetStateTemplate(): this; /** * Grants permission to get summary information for a vehicle * * Access Level: Read * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_GetVehicle.html */ toGetVehicle(): this; /** * Grants permission to get the status of the campaigns running on a specific vehicle * * Access Level: Read * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_GetVehicleStatus.html */ toGetVehicleStatus(): this; /** * Grants permission to import an existing decoder manifest * * Access Level: Write * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ImportDecoderManifest.html */ toImportDecoderManifest(): this; /** * Grants permission to create a signal catalog by importing existing definitions * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ImportSignalCatalog.html */ toImportSignalCatalog(): this; /** * Grants permission to list campaigns * * Access Level: Read * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListCampaigns.html */ toListCampaigns(): this; /** * Grants permission to list network interfaces associated to the existing decoder manifest * * Access Level: List * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListDecoderManifestNetworkInterfaces.html */ toListDecoderManifestNetworkInterfaces(): this; /** * Grants permission to list decoder manifest signals * * Access Level: List * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListDecoderManifestSignals.html */ toListDecoderManifestSignals(): this; /** * Grants permission to list all decoder manifests, with an optional filter on model manifest * * Access Level: Read * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListDecoderManifests.html */ toListDecoderManifests(): this; /** * Grants permission to list all fleets * * Access Level: Read * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListFleets.html */ toListFleets(): this; /** * Grants permission to list all the fleets that the given vehicle is associated with * * Access Level: Read * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListFleetsForVehicle.html */ toListFleetsForVehicle(): this; /** * Grants permission to list all nodes for the given model manifest * * Access Level: List * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListModelManifestNodes.html */ toListModelManifestNodes(): this; /** * Grants permission to list all model manifests, with an optional filter on signal catalog * * Access Level: Read * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListModelManifests.html */ toListModelManifests(): this; /** * Grants permission to list all nodes for a given signal catalog * * Access Level: Read * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListSignalCatalogNodes.html */ toListSignalCatalogNodes(): this; /** * Grants permission to list all signal catalogs * * Access Level: Read * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListSignalCatalogs.html */ toListSignalCatalogs(): this; /** * Grants permission to list state templates * * Access Level: Read * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListStateTemplates.html */ toListStateTemplates(): this; /** * Grants permission to list tags for a resource * * Access Level: Read * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListTagsForResource.html */ toListTagsForResource(): this; /** * Grants permission to list all vehicles, with an optional filter on model manifest * * Access Level: Read * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListVehicles.html */ toListVehicles(): this; /** * Grants permission to list vehicles in the given fleet * * Access Level: Read * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListVehiclesInFleet.html */ toListVehiclesInFleet(): this; /** * Grants permission to enable or disable KMS-based encryption for the AWS account * * Access Level: Write * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_PutEncryptionConfiguration.html */ toPutEncryptionConfiguration(): this; /** * Grants permission to put the logging options for the AWS account * * Access Level: Write * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_PutLoggingOptions.html */ toPutLoggingOptions(): this; /** * Grants permission to register an AWS account to IoT FleetWise * * Access Level: Write * * Dependent actions: * - iam:PassRole * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_RegisterAccount.html */ toRegisterAccount(): this; /** * Grants permission to add tags to a resource * * Access Level: Tagging * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_TagResource.html */ toTagResource(): this; /** * Grants permission to remove tags from a resource * * Access Level: Tagging * * Possible conditions: * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_UntagResource.html */ toUntagResource(): this; /** * Grants permission to update the given campaign * * Access Level: Write * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_UpdateCampaign.html */ toUpdateCampaign(): this; /** * Grants permission to update a decoder manifest defnition * * Access Level: Write * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_UpdateDecoderManifest.html */ toUpdateDecoderManifest(): this; /** * Grants permission to update the fleet * * Access Level: Write * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_UpdateFleet.html */ toUpdateFleet(): this; /** * Grants permission to update the given model manifest definition * * Access Level: Write * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_UpdateModelManifest.html */ toUpdateModelManifest(): this; /** * Grants permission to update a specific signal catalog definition * * Access Level: Write * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_UpdateSignalCatalog.html */ toUpdateSignalCatalog(): this; /** * Grants permission to update the given state template * * Access Level: Write * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_UpdateStateTemplate.html */ toUpdateStateTemplate(): this; /** * Grants permission to update the vehicle * * Access Level: Write * * Possible conditions: * - .ifUpdateToModelManifestArn() * - .ifUpdateToDecoderManifestArn() * * https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_UpdateVehicle.html */ toUpdateVehicle(): this; protected accessLevelList: AccessLevelList; /** * Adds a resource of type campaign to the statement * * https://docs.aws.amazon.com/iot-fleetwise/latest/developerguide/campaigns.html * * @param campaignName - Identifier for the campaignName. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onCampaign(campaignName: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type decodermanifest to the statement * * https://docs.aws.amazon.com/iot-fleetwise/latest/developerguide/decoder-manifests.html * * @param name - Identifier for the name. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onDecodermanifest(name: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type fleet to the statement * * https://docs.aws.amazon.com/iot-fleetwise/latest/developerguide/fleets.html * * @param fleetId - Identifier for the fleetId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onFleet(fleetId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type modelmanifest to the statement * * https://docs.aws.amazon.com/iot-fleetwise/latest/developerguide/vehicle-models.html * * @param name - Identifier for the name. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onModelmanifest(name: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type signalcatalog to the statement * * https://docs.aws.amazon.com/iot-fleetwise/latest/developerguide/signal-catalogs.html * * @param name - Identifier for the name. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onSignalcatalog(name: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type vehicle to the statement * * https://docs.aws.amazon.com/iot-fleetwise/latest/developerguide/vehicles.html * * @param vehicleId - Identifier for the vehicleId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onVehicle(vehicleId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type statetemplate to the statement * * https://docs.aws.amazon.com/iot-fleetwise/latest/developerguide/last-known-state.html * * @param stateTemplateId - Identifier for the stateTemplateId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onStatetemplate(stateTemplateId: string, account?: string, region?: string, partition?: string): this; /** * Filters access by the presence of tag key-value pairs in the request * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag * * Applies to actions: * - .toBatchCreateVehicle() * - .toCreateCampaign() * - .toCreateDecoderManifest() * - .toCreateFleet() * - .toCreateModelManifest() * - .toCreateSignalCatalog() * - .toCreateStateTemplate() * - .toCreateVehicle() * - .toImportSignalCatalog() * - .toTagResource() * * @param tagKey The tag key to check * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsRequestTag(tagKey: string, value: string | string[], operator?: Operator | string): this; /** * Filters access by tag key-value pairs attached to the resource * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag * * Applies to resource types: * - campaign * - decodermanifest * - fleet * - modelmanifest * - signalcatalog * - vehicle * - statetemplate * * @param tagKey The tag key to check * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsResourceTag(tagKey: string, value: string | string[], operator?: Operator | string): this; /** * Filters access by the presence of tag keys in the request * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys * * Applies to actions: * - .toBatchCreateVehicle() * - .toCreateCampaign() * - .toCreateDecoderManifest() * - .toCreateFleet() * - .toCreateModelManifest() * - .toCreateSignalCatalog() * - .toCreateStateTemplate() * - .toCreateVehicle() * - .toImportSignalCatalog() * - .toTagResource() * - .toUntagResource() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsTagKeys(value: string | string[], operator?: Operator | string): this; /** * Filters access by campaign destination ARN, eg. an S3 bucket ARN or a Timestream ARN * * https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotfleetwise.html * * Applies to actions: * - .toCreateCampaign() * * @param value The value(s) to check * @param operator Works with [arn operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_ARN). **Default:** `ArnLike` */ ifDestinationArn(value: string | string[], operator?: Operator | string): this; /** * Filters access by fully qualified signal names * * https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotfleetwise.html * * Applies to actions: * - .toGenerateCommandPayload() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifSignals(value: string | string[], operator?: Operator | string): this; /** * Filters access by a list of IoT FleetWise Decoder Manifest ARNs * * https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotfleetwise.html * * Applies to actions: * - .toBatchUpdateVehicle() * - .toUpdateVehicle() * * @param value The value(s) to check * @param operator Works with [arn operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_ARN). **Default:** `ArnLike` */ ifUpdateToDecoderManifestArn(value: string | string[], operator?: Operator | string): this; /** * Filters access by a list of IoT FleetWise Model Manifest ARNs * * https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotfleetwise.html * * Applies to actions: * - .toBatchUpdateVehicle() * - .toUpdateVehicle() * * @param value The value(s) to check * @param operator Works with [arn operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_ARN). **Default:** `ArnLike` */ ifUpdateToModelManifestArn(value: string | string[], operator?: Operator | string): this; /** * Statement provider for service [iotfleetwise](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotfleetwise.html). * */ constructor(props?: iam.PolicyStatementProps); }