cdk-iam-floyd
Version:
AWS IAM policy statement generator with fluent interface for AWS CDK
469 lines (468 loc) • 17.2 kB
TypeScript
import { AccessLevelList } from '../../shared/access-level';
import { PolicyStatement, Operator } from '../../shared';
import { aws_iam as iam } from "aws-cdk-lib";
/**
* Statement provider for service [kinesisvideo](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonkinesisvideostreams.html).
*
* @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement
*/
export declare class Kinesisvideo extends PolicyStatement {
servicePrefix: string;
/**
* Grants permission to connect as a master to the signaling channel specified by the endpoint
*
* Access Level: Write
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_ConnectAsMaster.html
*/
toConnectAsMaster(): this;
/**
* Grants permission to connect as a viewer to the signaling channel specified by the endpoint
*
* Access Level: Write
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_ConnectAsViewer.html
*/
toConnectAsViewer(): this;
/**
* Grants permission to create a signaling channel
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_CreateSignalingChannel.html
*/
toCreateSignalingChannel(): this;
/**
* Grants permission to create a Kinesis video stream
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_CreateStream.html
*/
toCreateStream(): this;
/**
* Grants permission to delete the edge configuration of your Kinesis Video Stream
*
* Access Level: Write
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_DeleteEdgeConfiguration.html
*/
toDeleteEdgeConfiguration(): this;
/**
* Grants permission to delete an existing signaling channel
*
* Access Level: Write
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_DeleteSignalingChannel.html
*/
toDeleteSignalingChannel(): this;
/**
* Grants permission to delete an existing Kinesis video stream
*
* Access Level: Write
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_DeleteStream.html
*/
toDeleteStream(): this;
/**
* Grants permission to describe the edge configuration of your Kinesis Video Stream
*
* Access Level: Read
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_DescribeEdgeConfiguration.html
*/
toDescribeEdgeConfiguration(): this;
/**
* Grants permission to describe the image generation configuration of your Kinesis video stream
*
* Access Level: Read
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_DescribeImageGenerationConfiguration.html
*/
toDescribeImageGenerationConfiguration(): this;
/**
* Grants permission to describe the resource mapped to the Kinesis video stream
*
* Access Level: List
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_DescribeMappedResourceConfiguration.html
*/
toDescribeMappedResourceConfiguration(): this;
/**
* Grants permission to describe the media storage configuration of a signaling channel
*
* Access Level: Read
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_DescribeMediaStorageConfiguration.html
*/
toDescribeMediaStorageConfiguration(): this;
/**
* Grants permission to describe the notification configuration of your Kinesis video stream
*
* Access Level: Read
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_DescribeNotificationConfiguration.html
*/
toDescribeNotificationConfiguration(): this;
/**
* Grants permission to describe the specified signaling channel
*
* Access Level: List
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_DescribeSignalingChannel.html
*/
toDescribeSignalingChannel(): this;
/**
* Grants permission to describe the specified Kinesis video stream
*
* Access Level: List
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_DescribeStream.html
*/
toDescribeStream(): this;
/**
* Grants permission to get a media clip from a video stream
*
* Access Level: Read
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_reader_GetClip.html
*/
toGetClip(): this;
/**
* Grants permission to create a URL for MPEG-DASH video streaming
*
* Access Level: Read
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_reader_GetDASHStreamingSessionURL.html
*/
toGetDASHStreamingSessionURL(): this;
/**
* Grants permission to get an endpoint for a specified stream for either reading or writing media data to Kinesis Video Streams
*
* Access Level: Read
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_GetDataEndpoint.html
*/
toGetDataEndpoint(): this;
/**
* Grants permission to create a URL for HLS video streaming
*
* Access Level: Read
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_reader_GetHLSStreamingSessionURL.html
*/
toGetHLSStreamingSessionURL(): this;
/**
* Grants permission to get the ICE server configuration
*
* Access Level: Read
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_signaling_GetIceServerConfig.html
*/
toGetIceServerConfig(): this;
/**
* Grants permission to get generated images from your Kinesis video stream
*
* Access Level: Read
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_reader_GetImages.html
*/
toGetImages(): this;
/**
* Grants permission to return media content of a Kinesis video stream
*
* Access Level: Read
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_dataplane_GetMedia.html
*/
toGetMedia(): this;
/**
* Grants permission to read and return media data only from persisted storage
*
* Access Level: Read
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_reader_GetMediaForFragmentList.html
*/
toGetMediaForFragmentList(): this;
/**
* Grants permission to get endpoints for a specified combination of protocol and role for a signaling channel
*
* Access Level: Read
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_GetSignalingChannelEndpoint.html
*/
toGetSignalingChannelEndpoint(): this;
/**
* Grants permission to join a storage session for a channel
*
* Access Level: Write
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_webrtc_JoinStorageSession.html
*/
toJoinStorageSession(): this;
/**
* Grants permission to join a storage session for a channel as viewer
*
* Access Level: Write
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_webrtc_JoinStorageSessionAsViewer.html
*/
toJoinStorageSessionAsViewer(): this;
/**
* Grants permission to list an edge agent configurations
*
* Access Level: List
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_ListEdgeAgentConfigurations.html
*/
toListEdgeAgentConfigurations(): this;
/**
* Grants permission to list the fragments from archival storage based on the pagination token or selector type with range specified
*
* Access Level: List
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_reader_ListFragments.html
*/
toListFragments(): this;
/**
* Grants permission to list your signaling channels
*
* Access Level: List
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_ListSignalingChannels.html
*/
toListSignalingChannels(): this;
/**
* Grants permission to list your Kinesis video streams
*
* Access Level: List
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_ListStreams.html
*/
toListStreams(): this;
/**
* Grants permission to fetch the tags associated with your resource
*
* Access Level: Read
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_ListTagsForResource.html
*/
toListTagsForResource(): this;
/**
* Grants permission to fetch the tags associated with Kinesis video stream
*
* Access Level: Read
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_ListTagsForStream.html
*/
toListTagsForStream(): this;
/**
* Grants permission to send media data to a Kinesis video stream
*
* Access Level: Write
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_dataplane_PutMedia.html
*/
toPutMedia(): this;
/**
* Grants permission to send the Alexa SDP offer to the master
*
* Access Level: Write
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_signaling_SendAlexaOfferToMaster.html
*/
toSendAlexaOfferToMaster(): this;
/**
* Grants permission to start edge configuration update of your Kinesis Video Stream
*
* Access Level: Write
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_StartEdgeConfigurationUpdate.html
*/
toStartEdgeConfigurationUpdate(): this;
/**
* Grants permission to attach set of tags to your resource
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_TagResource.html
*/
toTagResource(): this;
/**
* Grants permission to attach set of tags to your Kinesis video streams
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_TagStream.html
*/
toTagStream(): this;
/**
* Grants permission to remove one or more tags from your resource
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_UntagResource.html
*/
toUntagResource(): this;
/**
* Grants permission to remove one or more tags from your Kinesis video streams
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_UntagStream.html
*/
toUntagStream(): this;
/**
* Grants permission to update the data retention period of your Kinesis video stream
*
* Access Level: Write
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_UpdateDataRetention.html
*/
toUpdateDataRetention(): this;
/**
* Grants permission to update the image generation configuration of your Kinesis video stream
*
* Access Level: Write
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_UpdateImageGenerationConfiguration.html
*/
toUpdateImageGenerationConfiguration(): this;
/**
* Grants permission to create or update an mapping between a signaling channel and stream
*
* Access Level: Write
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_UpdateMediaStorageConfiguration.html
*/
toUpdateMediaStorageConfiguration(): this;
/**
* Grants permission to update the notification configuration of your Kinesis video stream
*
* Access Level: Write
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_UpdateNotificationConfiguration.html
*/
toUpdateNotificationConfiguration(): this;
/**
* Grants permission to update an existing signaling channel
*
* Access Level: Write
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_UpdateSignalingChannel.html
*/
toUpdateSignalingChannel(): this;
/**
* Grants permission to update an existing Kinesis video stream
*
* Access Level: Write
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_UpdateStream.html
*/
toUpdateStream(): this;
protected accessLevelList: AccessLevelList;
/**
* Adds a resource of type stream to the statement
*
* https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/how-it-works.html
*
* @param streamName - Identifier for the streamName.
* @param creationTime - Identifier for the creationTime.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onStream(streamName: string, creationTime: string, account?: string, region?: string, partition?: string): this;
/**
* Adds a resource of type channel to the statement
*
* https://docs.aws.amazon.com/kinesisvideostreams-webrtc-dg/latest/devguide/kvswebrtc-how-it-works.html
*
* @param channelName - Identifier for the channelName.
* @param creationTime - Identifier for the creationTime.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onChannel(channelName: string, creationTime: string, account?: string, region?: string, partition?: string): this;
/**
* Filters requests based on the allowed set of values for each of the tags
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag
*
* Applies to actions:
* - .toCreateSignalingChannel()
* - .toCreateStream()
* - .toTagResource()
* - .toTagStream()
*
* @param tagKey The tag key to check
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsRequestTag(tagKey: string, value: string | string[], operator?: Operator | string): this;
/**
* Filters actions based on tag-value assoicated with the stream
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag
*
* Applies to resource types:
* - stream
* - channel
*
* @param tagKey The tag key to check
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsResourceTag(tagKey: string, value: string | string[], operator?: Operator | string): this;
/**
* Filters requests based on the presence of mandatory tag keys in the request
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys
*
* Applies to actions:
* - .toCreateSignalingChannel()
* - .toCreateStream()
* - .toTagResource()
* - .toTagStream()
* - .toUntagResource()
* - .toUntagStream()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsTagKeys(value: string | string[], operator?: Operator | string): this;
/**
* Statement provider for service [kinesisvideo](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonkinesisvideostreams.html).
*
*/
constructor(props?: iam.PolicyStatementProps);
}