cdk-iam-floyd

import { AccessLevelList } from '../../shared/access-level'; import { PolicyStatement, Operator } from '../../shared'; import { aws_iam as iam } from "aws-cdk-lib"; /** * Statement provider for service [kendra](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonkendra.html). * * @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement */ export declare class Kendra extends PolicyStatement { servicePrefix: string; /** * Grants permission to put principal mapping in index * * Access Level: Write * * https://docs.aws.amazon.com/kendra/latest/dg/API_PutPrincipalMapping.html */ toAssociateEntitiesToExperience(): this; /** * Defines the specific permissions of users or groups in your AWS SSO identity source with access to your Amazon Kendra experience * * Access Level: Write * * https://docs.aws.amazon.com/kendra/latest/dg/API_AssociatePersonasToEntities.html */ toAssociatePersonasToEntities(): this; /** * Grants permission to batch delete document * * Access Level: Write * * https://docs.aws.amazon.com/kendra/latest/dg/API_BatchDeleteDocument.html */ toBatchDeleteDocument(): this; /** * Grants permission to delete a featured results set * * Access Level: Write * * https://docs.aws.amazon.com/kendra/latest/dg/API_DeleteFeaturedResults.html */ toBatchDeleteFeaturedResultsSet(): this; /** * Grants permission to do batch get document status * * Access Level: Read * * https://docs.aws.amazon.com/kendra/latest/dg/API_BatchGetDocumentStatus.html */ toBatchGetDocumentStatus(): this; /** * Grants permission to batch put document * * Access Level: Write * * https://docs.aws.amazon.com/kendra/latest/dg/API_BatchPutDocument.html */ toBatchPutDocument(): this; /** * Grants permission to clear out the suggestions for a given index, generated so far * * Access Level: Write * * https://docs.aws.amazon.com/kendra/latest/dg/API_ClearQuerySuggestions.html */ toClearQuerySuggestions(): this; /** * Grants permission to create an access control configuration * * Access Level: Write * * https://docs.aws.amazon.com/kendra/latest/dg/API_CreateAccessControlConfiguration.html */ toCreateAccessControlConfiguration(): this; /** * Grants permission to create a data source * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/kendra/latest/dg/API_CreateDataSource.html */ toCreateDataSource(): this; /** * Creates an Amazon Kendra experience such as a search application * * Access Level: Write * * https://docs.aws.amazon.com/kendra/latest/dg/API_CreateExperience.html */ toCreateExperience(): this; /** * Grants permission to create an Faq * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/kendra/latest/dg/API_CreateFaq.html */ toCreateFaq(): this; /** * Grants permission to create a featured results set * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/kendra/latest/dg/API_CreateFeaturedResults.html */ toCreateFeaturedResultsSet(): this; /** * Grants permission to create an Index * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/kendra/latest/dg/API_CreateIndex.html */ toCreateIndex(): this; /** * Grants permission to create a QuerySuggestions BlockList * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/kendra/latest/dg/API_CreateQuerySuggestionsBlockList.html */ toCreateQuerySuggestionsBlockList(): this; /** * Grants permission to create a Thesaurus * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/kendra/latest/dg/API_CreateThesaurus.html */ toCreateThesaurus(): this; /** * Grants permission to delete an access control configuration * * Access Level: Write * * https://docs.aws.amazon.com/kendra/latest/dg/API_DeleteAccessControlConfiguration.html */ toDeleteAccessControlConfiguration(): this; /** * Grants permission to delete a data source * * Access Level: Write * * https://docs.aws.amazon.com/kendra/latest/dg/API_DeleteDataSource.html */ toDeleteDataSource(): this; /** * Deletes your Amazon Kendra experience such as a search application * * Access Level: Write * * https://docs.aws.amazon.com/kendra/latest/dg/API_DeleteExperience.html */ toDeleteExperience(): this; /** * Grants permission to delete an Faq * * Access Level: Write * * https://docs.aws.amazon.com/kendra/latest/dg/API_DeleteFaq.html */ toDeleteFaq(): this; /** * Grants permission to delete an Index * * Access Level: Write * * https://docs.aws.amazon.com/kendra/latest/dg/API_DeleteIndex.html */ toDeleteIndex(): this; /** * Grants permission to delete principal mapping from index * * Access Level: Write * * https://docs.aws.amazon.com/kendra/latest/dg/API_DeletePrincipalMapping.html */ toDeletePrincipalMapping(): this; /** * Grants permission to delete a QuerySuggestions BlockList * * Access Level: Write * * https://docs.aws.amazon.com/kendra/latest/dg/API_DeleteQuerySuggestionsBlockList.html */ toDeleteQuerySuggestionsBlockList(): this; /** * Grants permission to delete a Thesaurus * * Access Level: Write * * https://docs.aws.amazon.com/kendra/latest/dg/API_DeleteThesaurus.html */ toDeleteThesaurus(): this; /** * Grants permission to describe an access control configuration * * Access Level: Read * * https://docs.aws.amazon.com/kendra/latest/dg/API_DescribeAccessControlConfiguration.html */ toDescribeAccessControlConfiguration(): this; /** * Grants permission to describe a data source * * Access Level: Read * * https://docs.aws.amazon.com/kendra/latest/dg/API_DescribeDataSource.html */ toDescribeDataSource(): this; /** * Gets information about your Amazon Kendra experience such as a search application * * Access Level: Read * * https://docs.aws.amazon.com/kendra/latest/dg/API_DescribeExperience.html */ toDescribeExperience(): this; /** * Grants permission to describe an Faq * * Access Level: Read * * https://docs.aws.amazon.com/kendra/latest/dg/API_DescribeFaq.html */ toDescribeFaq(): this; /** * Grants permission to describe a featured results set * * Access Level: Read * * https://docs.aws.amazon.com/kendra/latest/dg/API_DescribeThesaurus.html */ toDescribeFeaturedResultsSet(): this; /** * Grants permission to describe an Index * * Access Level: Read * * https://docs.aws.amazon.com/kendra/latest/dg/API_DescribeIndex.html */ toDescribeIndex(): this; /** * Grants permission to describe principal mapping from index * * Access Level: Read * * https://docs.aws.amazon.com/kendra/latest/dg/API_DescribePrincipalMapping.html */ toDescribePrincipalMapping(): this; /** * Grants permission to describe a QuerySuggestions BlockList * * Access Level: Read * * https://docs.aws.amazon.com/kendra/latest/dg/API_DescribeQuerySuggestionsBlockList.html */ toDescribeQuerySuggestionsBlockList(): this; /** * Grants permission to describe the query suggestions configuration for an index * * Access Level: Read * * https://docs.aws.amazon.com/kendra/latest/dg/API_DescribeQuerySuggestionsConfig.html */ toDescribeQuerySuggestionsConfig(): this; /** * Grants permission to describe a Thesaurus * * Access Level: Read * * https://docs.aws.amazon.com/kendra/latest/dg/API_DescribeThesaurus.html */ toDescribeThesaurus(): this; /** * Prevents users or groups in your AWS SSO identity source from accessing your Amazon Kendra experience * * Access Level: Write * * https://docs.aws.amazon.com/kendra/latest/dg/API_DisassociateEntitiesFromExperience.html */ toDisassociateEntitiesFromExperience(): this; /** * Removes the specific permissions of users or groups in your AWS SSO identity source with access to your Amazon Kendra experience * * Access Level: Write * * https://docs.aws.amazon.com/kendra/latest/dg/API_DisassociatePersonasFromEntities.html */ toDisassociatePersonasFromEntities(): this; /** * Grants permission to get suggestions for a query prefix * * Access Level: Read * * https://docs.aws.amazon.com/kendra/latest/dg/API_GetQuerySuggestions.html */ toGetQuerySuggestions(): this; /** * Retrieves search metrics data * * Access Level: Read * * https://docs.aws.amazon.com/kendra/latest/dg/API_GetSnapshots.html */ toGetSnapshots(): this; /** * Grants permission to list the access control configurations * * Access Level: List * * https://docs.aws.amazon.com/kendra/latest/dg/API_ListAccessControlConfigurations.html */ toListAccessControlConfigurations(): this; /** * Grants permission to get Data Source sync job history * * Access Level: List * * https://docs.aws.amazon.com/kendra/latest/dg/API_ListDataSourceSyncJobs.html */ toListDataSourceSyncJobs(): this; /** * Grants permission to list the data sources * * Access Level: List * * https://docs.aws.amazon.com/kendra/latest/dg/API_ListDataSources.html */ toListDataSources(): this; /** * Lists specific permissions of users and groups with access to your Amazon Kendra experience * * Access Level: List * * https://docs.aws.amazon.com/kendra/latest/dg/API_ListEntityPersonas.html */ toListEntityPersonas(): this; /** * Lists users or groups in your AWS SSO identity source that are granted access to your Amazon Kendra experience * * Access Level: List * * https://docs.aws.amazon.com/kendra/latest/dg/API_ListExperienceEntities.html */ toListExperienceEntities(): this; /** * Lists one or more Amazon Kendra experiences. You can create an Amazon Kendra experience such as a search application * * Access Level: List * * https://docs.aws.amazon.com/kendra/latest/dg/API_ListExperiences.html */ toListExperiences(): this; /** * Grants permission to list the Faqs * * Access Level: List * * https://docs.aws.amazon.com/kendra/latest/dg/API_ListFaqs.html */ toListFaqs(): this; /** * Grants permission to list the featured results sets * * Access Level: List * * https://docs.aws.amazon.com/kendra/latest/dg/API_ListFeaturedResults.html */ toListFeaturedResultsSets(): this; /** * Grants permission to list groups that are older than an ordering id * * Access Level: List * * https://docs.aws.amazon.com/kendra/latest/dg/API_ListGroupsOlderThanOrderingId.html */ toListGroupsOlderThanOrderingId(): this; /** * Grants permission to list the indexes * * Access Level: List * * https://docs.aws.amazon.com/kendra/latest/dg/API_ListIndices.html */ toListIndices(): this; /** * Grants permission to list the QuerySuggestions BlockLists * * Access Level: List * * https://docs.aws.amazon.com/kendra/latest/dg/API_ListQuerySuggestionsBlockLists.html */ toListQuerySuggestionsBlockLists(): this; /** * Grants permission to list tags for a resource * * Access Level: Read * * https://docs.aws.amazon.com/kendra/latest/dg/API_ListTagsForResource.html */ toListTagsForResource(): this; /** * Grants permission to list the Thesauri * * Access Level: List * * https://docs.aws.amazon.com/kendra/latest/dg/API_ListThesauri.html */ toListThesauri(): this; /** * Grants permission to put principal mapping in index * * Access Level: Write * * https://docs.aws.amazon.com/kendra/latest/dg/API_PutPrincipalMapping.html */ toPutPrincipalMapping(): this; /** * Grants permission to query documents and faqs * * Access Level: Read * * https://docs.aws.amazon.com/kendra/latest/dg/API_Query.html */ toQuery(): this; /** * Grants permission to retrieve relevant content from an index * * Access Level: Read * * https://docs.aws.amazon.com/kendra/latest/dg/API_Retrieve.html */ toRetrieve(): this; /** * Grants permission to start Data Source sync job * * Access Level: Write * * https://docs.aws.amazon.com/kendra/latest/dg/API_StartDataSourceSyncJob.html */ toStartDataSourceSyncJob(): this; /** * Grants permission to stop Data Source sync job * * Access Level: Write * * https://docs.aws.amazon.com/kendra/latest/dg/API_StopDataSourceSyncJob.html */ toStopDataSourceSyncJob(): this; /** * Grants permission to send feedback about a query results * * Access Level: Write * * https://docs.aws.amazon.com/kendra/latest/dg/API_SubmitFeedback.html */ toSubmitFeedback(): this; /** * Grants permission to tag a resource with given key value pairs * * Access Level: Tagging * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/kendra/latest/dg/API_TagResource.html */ toTagResource(): this; /** * Grants permission to remove the tag with the given key from a resource * * Access Level: Tagging * * Possible conditions: * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/kendra/latest/dg/API_UntagResource.html */ toUntagResource(): this; /** * Grants permission to update an access control configuration * * Access Level: Write * * https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateAccessControlConfiguration.html */ toUpdateAccessControlConfiguration(): this; /** * Grants permission to update a data source * * Access Level: Write * * https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateDataSource.html */ toUpdateDataSource(): this; /** * Updates your Amazon Kendra experience such as a search application * * Access Level: Write * * https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateExperience.html */ toUpdateExperience(): this; /** * Grants permission to update a featured results set * * Access Level: Write * * https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateFeaturedResults.html */ toUpdateFeaturedResultsSet(): this; /** * Grants permission to update an Index * * Access Level: Write * * https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateIndex.html */ toUpdateIndex(): this; /** * Grants permission to update a QuerySuggestions BlockList * * Access Level: Write * * https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateQuerySuggestionsBlockList.html */ toUpdateQuerySuggestionsBlockList(): this; /** * Grants permission to update the query suggestions configuration for an index * * Access Level: Write * * https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateQuerySuggestionsConfig.html */ toUpdateQuerySuggestionsConfig(): this; /** * Grants permission to update a thesaurus * * Access Level: Write * * https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateThesaurus.html */ toUpdateThesaurus(): this; protected accessLevelList: AccessLevelList; /** * Adds a resource of type index to the statement * * https://docs.aws.amazon.com/kendra/latest/dg/index.html * * @param indexId - Identifier for the indexId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onIndex(indexId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type data-source to the statement * * https://docs.aws.amazon.com/kendra/latest/dg/data-source.html * * @param indexId - Identifier for the indexId. * @param dataSourceId - Identifier for the dataSourceId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onDataSource(indexId: string, dataSourceId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type faq to the statement * * https://docs.aws.amazon.com/kendra/latest/dg/faq.html * * @param indexId - Identifier for the indexId. * @param faqId - Identifier for the faqId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onFaq(indexId: string, faqId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type experience to the statement * * https://docs.aws.amazon.com/kendra/latest/dg/deploying-search-experience-no-code.html * * @param indexId - Identifier for the indexId. * @param experienceId - Identifier for the experienceId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. */ onExperience(indexId: string, experienceId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type thesaurus to the statement * * https://docs.aws.amazon.com/kendra/latest/dg/thesaurus.html * * @param indexId - Identifier for the indexId. * @param thesaurusId - Identifier for the thesaurusId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onThesaurus(indexId: string, thesaurusId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type query-suggestions-block-list to the statement * * https://docs.aws.amazon.com/kendra/latest/dg/query-suggestions-block-list.html * * @param indexId - Identifier for the indexId. * @param querySuggestionsBlockListId - Identifier for the querySuggestionsBlockListId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onQuerySuggestionsBlockList(indexId: string, querySuggestionsBlockListId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type featured-results-set to the statement * * https://docs.aws.amazon.com/kendra/latest/dg/featured-results.html * * @param indexId - Identifier for the indexId. * @param featuredResultsSetId - Identifier for the featuredResultsSetId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onFeaturedResultsSet(indexId: string, featuredResultsSetId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type access-control-configuration to the statement * * https://docs.aws.amazon.com/kendra/latest/dg/API_CreateAccessControlConfiguration.html * * @param indexId - Identifier for the indexId. * @param accessControlConfigurationId - Identifier for the accessControlConfigurationId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. */ onAccessControlConfiguration(indexId: string, accessControlConfigurationId: string, account?: string, region?: string, partition?: string): this; /** * Filters access by the tags that are passed in the request * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag * * Applies to actions: * - .toCreateDataSource() * - .toCreateFaq() * - .toCreateFeaturedResultsSet() * - .toCreateIndex() * - .toCreateQuerySuggestionsBlockList() * - .toCreateThesaurus() * - .toTagResource() * * @param tagKey The tag key to check * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsRequestTag(tagKey: string, value: string | string[], operator?: Operator | string): this; /** * Filters access by the tags associated with the resource * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag * * Applies to resource types: * - index * - data-source * - faq * - thesaurus * - query-suggestions-block-list * - featured-results-set * * @param tagKey The tag key to check * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsResourceTag(tagKey: string, value: string | string[], operator?: Operator | string): this; /** * Filters access by the tag keys that are passed in the request * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys * * Applies to actions: * - .toCreateDataSource() * - .toCreateFaq() * - .toCreateFeaturedResultsSet() * - .toCreateIndex() * - .toCreateQuerySuggestionsBlockList() * - .toCreateThesaurus() * - .toTagResource() * - .toUntagResource() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsTagKeys(value: string | string[], operator?: Operator | string): this; /** * Statement provider for service [kendra](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonkendra.html). * */ constructor(props?: iam.PolicyStatementProps); }