UNPKG

cdk-iam-floyd

Version:

AWS IAM policy statement generator with fluent interface for AWS CDK

github.com/udondan/iam-floyd

udondan/iam-floyd

100 lines (99 loc) 3.21 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
import { AccessLevelList } from '../../shared/access-level'; import { PolicyStatement } from '../../shared'; import { aws_iam as iam } from "aws-cdk-lib"; /** * Statement provider for service [iq-permission](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiqpermissions.html). * * @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement */ export declare class IqPermission extends PolicyStatement { servicePrefix: string; /** * Grants permission to approve a permission request * * Access Level: Write * * https://aws.amazon.com/iq/ */ toApproveAccessGrant(): this; /** * Grants permission to approve a permission request * * Access Level: Write * * https://aws.amazon.com/iq/ */ toApprovePermissionRequest(): this; /** * Grants permission to obtain a set of temporary security credentials for experts which they can use to access buyers' AWS resources * * Access Level: Write * * https://aws.amazon.com/iq/ */ toAssumePermissionRole(): this; /** * Grants permission to create a permission request * * Access Level: Write * * https://aws.amazon.com/iq/ */ toCreatePermissionRequest(): this; /** * Grants permission to get a permission request * * Access Level: Read * * https://aws.amazon.com/iq/ */ toGetPermissionRequest(): this; /** * Grants permission to list permission requests * * Access Level: Read * * https://aws.amazon.com/iq/ */ toListPermissionRequests(): this; /** * Grants permission to reject a permission request * * Access Level: Write * * https://aws.amazon.com/iq/ */ toRejectPermissionRequest(): this; /** * Grants permission to revoke a permission request which was previously approved * * Access Level: Write * * https://aws.amazon.com/iq/ */ toRevokePermissionRequest(): this; /** * Grants permission to withdraw a permission request that has not been approved or declined * * Access Level: Write * * https://aws.amazon.com/iq/ */ toWithdrawPermissionRequest(): this; protected accessLevelList: AccessLevelList; /** * Adds a resource of type permission to the statement * * https://aws.amazon.com/iq/ * * @param permissionRequestId - Identifier for the permissionRequestId. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. */ onPermission(permissionRequestId: string, region?: string, partition?: string): this; /** * Statement provider for service [iq-permission](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiqpermissions.html). * */ constructor(props?: iam.PolicyStatementProps); }