cdk-iam-floyd
Version:
AWS IAM policy statement generator with fluent interface for AWS CDK
1,602 lines • 321 kB
JavaScript
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.Rds = void 0;
const shared_1 = require("../../shared");
/**
* Statement provider for service [rds](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonrds.html).
*
* @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement
*/
class Rds extends shared_1.PolicyStatement {
/**
* Grants permission to associate an Identity and Access Management (IAM) role from an Aurora DB cluster
*
* Access Level: Write
*
* Dependent actions:
* - iam:PassRole
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_AddRoleToDBCluster.html
*/
toAddRoleToDBCluster() {
return this.to('AddRoleToDBCluster');
}
/**
* Grants permission to associate an AWS Identity and Access Management (IAM) role with a DB instance
*
* Access Level: Write
*
* Dependent actions:
* - iam:PassRole
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_AddRoleToDBInstance.html
*/
toAddRoleToDBInstance() {
return this.to('AddRoleToDBInstance');
}
/**
* Grants permission to add a source identifier to an existing RDS event notification subscription
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_AddSourceIdentifierToSubscription.html
*/
toAddSourceIdentifierToSubscription() {
return this.to('AddSourceIdentifierToSubscription');
}
/**
* Grants permission to add metadata tags to an Amazon RDS resource
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_AddTagsToResource.html
*/
toAddTagsToResource() {
return this.to('AddTagsToResource');
}
/**
* Grants permission to apply a pending maintenance action to a resource
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ApplyPendingMaintenanceAction.html
*/
toApplyPendingMaintenanceAction() {
return this.to('ApplyPendingMaintenanceAction');
}
/**
* Grants permission to enable ingress to a DBSecurityGroup using one of two forms of authorization
*
* Access Level: Permissions management
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_AuthorizeDBSecurityGroupIngress.html
*/
toAuthorizeDBSecurityGroupIngress() {
return this.to('AuthorizeDBSecurityGroupIngress');
}
/**
* Grants permission to backtrack a DB cluster to a specific time, without creating a new DB cluster
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_BacktrackDBCluster.html
*/
toBacktrackDBCluster() {
return this.to('BacktrackDBCluster');
}
/**
* Grants permission to cancel an export task in progress
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CancelExportTask.html
*/
toCancelExportTask() {
return this.to('CancelExportTask');
}
/**
* Grants permission to copy a custom engine version
*
* Access Level: Write
*
* https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonrds.html
*/
toCopyCustomDBEngineVersion() {
return this.to('CopyCustomDBEngineVersion');
}
/**
* Grants permission to copy the specified DB cluster parameter group
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CopyDBClusterParameterGroup.html
*/
toCopyDBClusterParameterGroup() {
return this.to('CopyDBClusterParameterGroup');
}
/**
* Grants permission to create a snapshot of a DB cluster
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CopyDBClusterSnapshot.html
*/
toCopyDBClusterSnapshot() {
return this.to('CopyDBClusterSnapshot');
}
/**
* Grants permission to copy the specified DB parameter group
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CopyDBParameterGroup.html
*/
toCopyDBParameterGroup() {
return this.to('CopyDBParameterGroup');
}
/**
* Grants permission to copy the specified DB snapshot
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifCopyOptionGroup()
*
* Dependent actions:
* - rds:AddTagsToResource
* - rds:CopyCustomDBEngineVersion
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CopyDBSnapshot.html
*/
toCopyDBSnapshot() {
return this.to('CopyDBSnapshot');
}
/**
* Grants permission to copy the specified option group
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CopyOptionGroup.html
*/
toCopyOptionGroup() {
return this.to('CopyOptionGroup');
}
/**
* Grants permission to create a blue-green deployment for a given source cluster or instance
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsResourceTag()
* - .ifAwsTagKeys()
* - .ifClusterTag()
* - .ifClusterPgTag()
* - .ifDbTag()
* - .ifPgTag()
* - .ifReqTag()
* - .ifDatabaseEngine()
* - .ifDatabaseName()
* - .ifStorageEncrypted()
* - .ifDatabaseClass()
* - .ifStorageSize()
* - .ifMultiAz()
* - .ifPiops()
* - .ifVpc()
*
* Dependent actions:
* - rds:AddTagsToResource
* - rds:CreateDBCluster
* - rds:CreateDBClusterEndpoint
* - rds:CreateDBInstance
* - rds:CreateDBInstanceReadReplica
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateBlueGreenDeployment.html
*/
toCreateBlueGreenDeployment() {
return this.to('CreateBlueGreenDeployment');
}
/**
* Grants permission to create a custom engine version
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* Dependent actions:
* - iam:CreateServiceLinkedRole
* - mediaimport:CreateDatabaseBinarySnapshot
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateCustomDBEngineVersion.html
*/
toCreateCustomDBEngineVersion() {
return this.to('CreateCustomDBEngineVersion');
}
/**
* Grants permission to create a new DB cluster
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
* - .ifDatabaseEngine()
* - .ifDatabaseName()
* - .ifStorageEncrypted()
* - .ifDatabaseClass()
* - .ifStorageSize()
* - .ifPiops()
* - .ifManageMasterUserPassword()
*
* Dependent actions:
* - iam:PassRole
* - kms:CreateGrant
* - kms:Decrypt
* - kms:DescribeKey
* - kms:GenerateDataKey
* - rds:AddTagsToResource
* - rds:CreateDBInstance
* - secretsmanager:CreateSecret
* - secretsmanager:TagResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html
*/
toCreateDBCluster() {
return this.to('CreateDBCluster');
}
/**
* Grants permission to create a new custom endpoint and associates it with an Amazon Aurora DB cluster or Amazon DocumentDB cluster
*
* Access Level: Write
*
* Possible conditions:
* - .ifEndpointType()
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBClusterEndpoint.html
*/
toCreateDBClusterEndpoint() {
return this.to('CreateDBClusterEndpoint');
}
/**
* Grants permission to create a new DB cluster parameter group
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBClusterParameterGroup.html
*/
toCreateDBClusterParameterGroup() {
return this.to('CreateDBClusterParameterGroup');
}
/**
* Grants permission to create a snapshot of a DB cluster
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBClusterSnapshot.html
*/
toCreateDBClusterSnapshot() {
return this.to('CreateDBClusterSnapshot');
}
/**
* Grants permission to create a new DB instance
*
* Access Level: Write
*
* Possible conditions:
* - .ifBackupTarget()
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
* - .ifManageMasterUserPassword()
*
* Dependent actions:
* - iam:PassRole
* - kms:CreateGrant
* - kms:Decrypt
* - kms:DescribeKey
* - kms:GenerateDataKey
* - rds:AddTagsToResource
* - rds:CreateTenantDatabase
* - secretsmanager:CreateSecret
* - secretsmanager:TagResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html
*/
toCreateDBInstance() {
return this.to('CreateDBInstance');
}
/**
* Grants permission to create a DB instance that acts as a Read Replica of a source DB instance
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
*
* Dependent actions:
* - iam:PassRole
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstanceReadReplica.html
*/
toCreateDBInstanceReadReplica() {
return this.to('CreateDBInstanceReadReplica');
}
/**
* Grants permission to create a new DB parameter group
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBParameterGroup.html
*/
toCreateDBParameterGroup() {
return this.to('CreateDBParameterGroup');
}
/**
* Grants permission to create a database proxy
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* Dependent actions:
* - iam:PassRole
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBProxy.html
*/
toCreateDBProxy() {
return this.to('CreateDBProxy');
}
/**
* Grants permission to create a database proxy endpoint
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBProxyEndpoint.html
*/
toCreateDBProxyEndpoint() {
return this.to('CreateDBProxyEndpoint');
}
/**
* Grants permission to create a new DB security group. DB security groups control access to a DB instance
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBSecurityGroup.html
*/
toCreateDBSecurityGroup() {
return this.to('CreateDBSecurityGroup');
}
/**
* Grants permission to create a new Aurora Limitless Database DB shard group
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBShardGroup.html
*/
toCreateDBShardGroup() {
return this.to('CreateDBShardGroup');
}
/**
* Grants permission to create a DBSnapshot
*
* Access Level: Write
*
* Possible conditions:
* - .ifBackupTarget()
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBSnapshot.html
*/
toCreateDBSnapshot() {
return this.to('CreateDBSnapshot');
}
/**
* Grants permission to create a new DB subnet group
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBSubnetGroup.html
*/
toCreateDBSubnetGroup() {
return this.to('CreateDBSubnetGroup');
}
/**
* Grants permission to create an RDS event notification subscription
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateEventSubscription.html
*/
toCreateEventSubscription() {
return this.to('CreateEventSubscription');
}
/**
* Grants permission to create an Aurora global database or DocumentDB global database spread across multiple regions
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateGlobalCluster.html
*/
toCreateGlobalCluster() {
return this.to('CreateGlobalCluster');
}
/**
* Grants permission to create an Aurora zero-ETL integration with Redshift
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
*
* Dependent actions:
* - kms:CreateGrant
* - kms:DescribeKey
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateIntegration.html
*/
toCreateIntegration() {
return this.to('CreateIntegration');
}
/**
* Grants permission to create a new option group
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateOptionGroup.html
*/
toCreateOptionGroup() {
return this.to('CreateOptionGroup');
}
/**
* Grants permission to create a new tenant database
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifTenantDatabaseName()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateTenantDatabase.html
*/
toCreateTenantDatabase() {
return this.to('CreateTenantDatabase');
}
/**
* Grants permission to access a resource in the remote Region when executing cross-Region operations, such as cross-Region snapshot copy or cross-Region read replica creation
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/security_iam_service-with-iam.html#UsingWithRDS.IAM.Conditions
*/
toCrossRegionCommunication() {
return this.to('CrossRegionCommunication');
}
/**
* Grants permission to delete blue green deployments
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsResourceTag()
*
* Dependent actions:
* - rds:DeleteDBCluster
* - rds:DeleteDBClusterEndpoint
* - rds:DeleteDBInstance
* - rds:PromoteReadReplica
* - rds:PromoteReadReplicaDBCluster
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteBlueGreenDeployment.html
*/
toDeleteBlueGreenDeployment() {
return this.to('DeleteBlueGreenDeployment');
}
/**
* Grants permission to delete an existing custom engine version
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteCustomDBEngineVersion.html
*/
toDeleteCustomDBEngineVersion() {
return this.to('DeleteCustomDBEngineVersion');
}
/**
* Grants permission to delete a previously provisioned DB cluster
*
* Access Level: Write
*
* Dependent actions:
* - rds:AddTagsToResource
* - rds:CreateDBClusterSnapshot
* - rds:DeleteDBInstance
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBCluster.html
*/
toDeleteDBCluster() {
return this.to('DeleteDBCluster');
}
/**
* Grants permission to delete cluster automated backups based on the source cluster's DbClusterResourceId value or the restorable cluster's resource ID
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBClusterAutomatedBackup.html
*/
toDeleteDBClusterAutomatedBackup() {
return this.to('DeleteDBClusterAutomatedBackup');
}
/**
* Grants permission to delete a custom endpoint and removes it from an Amazon Aurora DB cluster or Amazon DocumentDB cluster
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBClusterEndpoint.html
*/
toDeleteDBClusterEndpoint() {
return this.to('DeleteDBClusterEndpoint');
}
/**
* Grants permission to delete a specified DB cluster parameter group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBClusterParameterGroup.html
*/
toDeleteDBClusterParameterGroup() {
return this.to('DeleteDBClusterParameterGroup');
}
/**
* Grants permission to delete a DB cluster snapshot
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBClusterSnapshot.html
*/
toDeleteDBClusterSnapshot() {
return this.to('DeleteDBClusterSnapshot');
}
/**
* Grants permission to delete a previously provisioned DB instance
*
* Access Level: Write
*
* Dependent actions:
* - rds:AddTagsToResource
* - rds:CreateDBSnapshot
* - rds:DeleteTenantDatabase
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBInstance.html
*/
toDeleteDBInstance() {
return this.to('DeleteDBInstance');
}
/**
* Grants permission to delete automated backups based on the source instance's DbiResourceId value or the restorable instance's resource ID
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBInstanceAutomatedBackup.html
*/
toDeleteDBInstanceAutomatedBackup() {
return this.to('DeleteDBInstanceAutomatedBackup');
}
/**
* Grants permission to delete a specified DBParameterGroup
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBParameterGroup.html
*/
toDeleteDBParameterGroup() {
return this.to('DeleteDBParameterGroup');
}
/**
* Grants permission to delete a database proxy
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBProxy.html
*/
toDeleteDBProxy() {
return this.to('DeleteDBProxy');
}
/**
* Grants permission to delete a database proxy endpoint
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBProxyEndpoint.html
*/
toDeleteDBProxyEndpoint() {
return this.to('DeleteDBProxyEndpoint');
}
/**
* Grants permission to delete a DB security group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBSecurityGroup.html
*/
toDeleteDBSecurityGroup() {
return this.to('DeleteDBSecurityGroup');
}
/**
* Grants permission to delete an Aurora Limitless Database DB shard group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBShardGroup.html
*/
toDeleteDBShardGroup() {
return this.to('DeleteDBShardGroup');
}
/**
* Grants permission to delete a DBSnapshot
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBSnapshot.html
*/
toDeleteDBSnapshot() {
return this.to('DeleteDBSnapshot');
}
/**
* Grants permission to delete a DB subnet group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBSubnetGroup.html
*/
toDeleteDBSubnetGroup() {
return this.to('DeleteDBSubnetGroup');
}
/**
* Grants permission to delete an RDS event notification subscription
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteEventSubscription.html
*/
toDeleteEventSubscription() {
return this.to('DeleteEventSubscription');
}
/**
* Grants permission to delete a global database cluster
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteGlobalCluster.html
*/
toDeleteGlobalCluster() {
return this.to('DeleteGlobalCluster');
}
/**
* Grants permission to delete an Aurora zero-ETL integration with Redshift
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteIntegration.html
*/
toDeleteIntegration() {
return this.to('DeleteIntegration');
}
/**
* Grants permission to delete an existing option group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteOptionGroup.html
*/
toDeleteOptionGroup() {
return this.to('DeleteOptionGroup');
}
/**
* Grants permission to delete a tenant database
*
* Access Level: Write
*
* Dependent actions:
* - rds:AddTagsToResource
* - rds:CreateDBSnapshot
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteTenantDatabase.html
*/
toDeleteTenantDatabase() {
return this.to('DeleteTenantDatabase');
}
/**
* Grants permission to remove targets from a database proxy target group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeregisterDBProxyTargets.html
*/
toDeregisterDBProxyTargets() {
return this.to('DeregisterDBProxyTargets');
}
/**
* Grants permission to list all of the attributes for a customer account
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeAccountAttributes.html
*/
toDescribeAccountAttributes() {
return this.to('DescribeAccountAttributes');
}
/**
* Grants permission to describe blue green deployments
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeBlueGreenDeployments.html
*/
toDescribeBlueGreenDeployments() {
return this.to('DescribeBlueGreenDeployments');
}
/**
* Grants permission to list the set of CA certificates provided by Amazon RDS for this AWS account
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeCertificates.html
*/
toDescribeCertificates() {
return this.to('DescribeCertificates');
}
/**
* Grants permission to return a list of cluster automated backups for both current and deleted clusters
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusterAutomatedBackups.html
*/
toDescribeDBClusterAutomatedBackups() {
return this.to('DescribeDBClusterAutomatedBackups');
}
/**
* Grants permission to return information about backtracks for a DB cluster
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusterBacktracks.html
*/
toDescribeDBClusterBacktracks() {
return this.to('DescribeDBClusterBacktracks');
}
/**
* Grants permission to return information about endpoints for an Amazon Aurora DB cluster
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusterEndpoints.html
*/
toDescribeDBClusterEndpoints() {
return this.to('DescribeDBClusterEndpoints');
}
/**
* Grants permission to return a list of DBClusterParameterGroup descriptions
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusterParameterGroups.html
*/
toDescribeDBClusterParameterGroups() {
return this.to('DescribeDBClusterParameterGroups');
}
/**
* Grants permission to return the detailed parameter list for a particular DB cluster parameter group
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusterParameters.html
*/
toDescribeDBClusterParameters() {
return this.to('DescribeDBClusterParameters');
}
/**
* Grants permission to return a list of DB cluster snapshot attribute names and values for a manual DB cluster snapshot
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusterSnapshotAttributes.html
*/
toDescribeDBClusterSnapshotAttributes() {
return this.to('DescribeDBClusterSnapshotAttributes');
}
/**
* Grants permission to return information about DB cluster snapshots
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusterSnapshots.html
*/
toDescribeDBClusterSnapshots() {
return this.to('DescribeDBClusterSnapshots');
}
/**
* Grants permission to return information about provisioned Aurora DB clusters or DocumentDB clusters
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusters.html
*/
toDescribeDBClusters() {
return this.to('DescribeDBClusters');
}
/**
* Grants permission to return a list of the available DB engines
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBEngineVersions.html
*/
toDescribeDBEngineVersions() {
return this.to('DescribeDBEngineVersions');
}
/**
* Grants permission to return a list of automated backups for both current and deleted instances
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstanceAutomatedBackups.html
*/
toDescribeDBInstanceAutomatedBackups() {
return this.to('DescribeDBInstanceAutomatedBackups');
}
/**
* Grants permission to return information about provisioned RDS instances
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html
*/
toDescribeDBInstances() {
return this.to('DescribeDBInstances');
}
/**
* Grants permission to return a list of DB log files for the DB instance
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBLogFiles.html
*/
toDescribeDBLogFiles() {
return this.to('DescribeDBLogFiles');
}
/**
* Grants permission to return a list of DBParameterGroup descriptions
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBParameterGroups.html
*/
toDescribeDBParameterGroups() {
return this.to('DescribeDBParameterGroups');
}
/**
* Grants permission to return the detailed parameter list for a particular DB parameter group
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBParameters.html
*/
toDescribeDBParameters() {
return this.to('DescribeDBParameters');
}
/**
* Grants permission to view proxies
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBProxies.html
*/
toDescribeDBProxies() {
return this.to('DescribeDBProxies');
}
/**
* Grants permission to view proxy endpoints
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBProxyEndpoints.html
*/
toDescribeDBProxyEndpoints() {
return this.to('DescribeDBProxyEndpoints');
}
/**
* Grants permission to view database proxy target group details
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBProxyTargetGroups.html
*/
toDescribeDBProxyTargetGroups() {
return this.to('DescribeDBProxyTargetGroups');
}
/**
* Grants permission to view database proxy target details
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBProxyTargets.html
*/
toDescribeDBProxyTargets() {
return this.to('DescribeDBProxyTargets');
}
/**
* Grants permission to list recommendation details
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBRecommendations.html
*/
toDescribeDBRecommendations() {
return this.to('DescribeDBRecommendations');
}
/**
* Grants permission to return a list of DBSecurityGroup descriptions
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBSecurityGroups.html
*/
toDescribeDBSecurityGroups() {
return this.to('DescribeDBSecurityGroups');
}
/**
* Grants permission to return information about all Aurora Limitless Database DB shard groups for this account. You can filter by shard group(s)
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBShardGroups.html
*/
toDescribeDBShardGroups() {
return this.to('DescribeDBShardGroups');
}
/**
* Grants permission to return a list of DB snapshot attribute names and values for a manual DB snapshot
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBSnapshotAttributes.html
*/
toDescribeDBSnapshotAttributes() {
return this.to('DescribeDBSnapshotAttributes');
}
/**
* Grants permission to return information about tenant databases in DB snapshots. You can filter by Region or snapshot
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBSnapshotTenantDatabases.html
*/
toDescribeDBSnapshotTenantDatabases() {
return this.to('DescribeDBSnapshotTenantDatabases');
}
/**
* Grants permission to return information about DB snapshots
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBSnapshots.html
*/
toDescribeDBSnapshots() {
return this.to('DescribeDBSnapshots');
}
/**
* Grants permission to return a list of DBSubnetGroup descriptions
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBSubnetGroups.html
*/
toDescribeDBSubnetGroups() {
return this.to('DescribeDBSubnetGroups');
}
/**
* Grants permission to return the default engine and system parameter information for the cluster database engine
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeEngineDefaultClusterParameters.html
*/
toDescribeEngineDefaultClusterParameters() {
return this.to('DescribeEngineDefaultClusterParameters');
}
/**
* Grants permission to return the default engine and system parameter information for the specified database engine
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeEngineDefaultParameters.html
*/
toDescribeEngineDefaultParameters() {
return this.to('DescribeEngineDefaultParameters');
}
/**
* Grants permission to display a list of categories for all event source types, or, if specified, for a specified source type
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeEventCategories.html
*/
toDescribeEventCategories() {
return this.to('DescribeEventCategories');
}
/**
* Grants permission to list all the subscription descriptions for a customer account
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeEventSubscriptions.html
*/
toDescribeEventSubscriptions() {
return this.to('DescribeEventSubscriptions');
}
/**
* Grants permission to return events related to DB instances, DB security groups, DB snapshots, and DB parameter groups for the past 14 days
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeEvents.html
*/
toDescribeEvents() {
return this.to('DescribeEvents');
}
/**
* Grants permission to return information about the export tasks
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeExportTasks.html
*/
toDescribeExportTasks() {
return this.to('DescribeExportTasks');
}
/**
* Grants permission to return information about Aurora global database clusters or DocumentDB global database clusters
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeGlobalClusters.html
*/
toDescribeGlobalClusters() {
return this.to('DescribeGlobalClusters');
}
/**
* Grants permission to describe an Aurora zero-ETL integration with Redshift
*
* Access Level: List
*
* Possible conditions:
* - .ifAwsResourceTag()
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeIntegrations.html
*/
toDescribeIntegrations() {
return this.to('DescribeIntegrations');
}
/**
* Grants permission to describe all available options
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeOptionGroupOptions.html
*/
toDescribeOptionGroupOptions() {
return this.to('DescribeOptionGroupOptions');
}
/**
* Grants permission to describe the available option groups
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeOptionGroups.html
*/
toDescribeOptionGroups() {
return this.to('DescribeOptionGroups');
}
/**
* Grants permission to return a list of orderable DB instance options for the specified engine
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeOrderableDBInstanceOptions.html
*/
toDescribeOrderableDBInstanceOptions() {
return this.to('DescribeOrderableDBInstanceOptions');
}
/**
* Grants permission to return a list of resources (for example, DB instances) that have at least one pending maintenance action
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribePendingMaintenanceActions.html
*/
toDescribePendingMaintenanceActions() {
return this.to('DescribePendingMaintenanceActions');
}
/**
* Grants permission to return information about recommendation groups
*
* Access Level: Read
*
* https://docs.aws.amazon.com/AmazonRDS/latest/USER_Recommendations.html
*/
toDescribeRecommendationGroups() {
return this.to('DescribeRecommendationGroups');
}
/**
* Grants permission to return information about recommendations
*
* Access Level: Read
*
* https://docs.aws.amazon.com/AmazonRDS/latest/USER_Recommendations.html
*/
toDescribeRecommendations() {
return this.to('DescribeRecommendations');
}
/**
* Grants permission to return information about reserved DB instances for this account, or about a specified reserved DB instance
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeReservedDBInstances.html
*/
toDescribeReservedDBInstances() {
return this.to('DescribeReservedDBInstances');
}
/**
* Grants permission to list available reserved DB instance offerings
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeReservedDBInstancesOfferings.html
*/
toDescribeReservedDBInstancesOfferings() {
return this.to('DescribeReservedDBInstancesOfferings');
}
/**
* Grants permission to return a list of the source AWS Regions where the current AWS Region can create a Read Replica or copy a DB snapshot from
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeSourceRegions.html
*/
toDescribeSourceRegions() {
return this.to('DescribeSourceRegions');
}
/**
* Grants permission to return information about provisioned tenant databases. You can filter by Region or snapshot
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeTenantDatabases.html
*/
toDescribeTenantDatabases() {
return this.to('DescribeTenantDatabases');
}
/**
* Grants permission to list available modifications you can make to your DB instance
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeValidDBInstanceModifications.html
*/
toDescribeValidDBInstanceModifications() {
return this.to('DescribeValidDBInstanceModifications');
}
/**
* Grants permission to disable http endpoint for a DB cluster
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DisableHttpEndpoint.html
*/
toDisableHttpEndpoint() {
return this.to('DisableHttpEndpoint');
}
/**
* Grants permission to download specified log file
*
* Access Level: Read
*
* https://docs.aws.amazon.com/AmazonRDS/latest/USER_LogAccess.html
*/
toDownloadCompleteDBLogFile() {
return this.to('DownloadCompleteDBLogFile');
}
/**
* Grants permission to download all or a portion of the specified log file, up to 1 MB in size
*
* Access Level: Read
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DownloadDBLogFilePortion.html
*/
toDownloadDBLogFilePortion() {
return this.to('DownloadDBLogFilePortion');
}
/**
* Grants permission to enable http endpoint for a DB cluster
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_EnableHttpEndpoint.html
*/
toEnableHttpEndpoint() {
return this.to('EnableHttpEndpoint');
}
/**
* Grants permission to force a failover for a DB cluster
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_FailoverDBCluster.html
*/
toFailoverDBCluster() {
return this.to('FailoverDBCluster');
}
/**
* Grants permission to failover a global cluster
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_FailoverGlobalCluster.html
*/
toFailoverGlobalCluster() {
return this.to('FailoverGlobalCluster');
}
/**
* Grants permission to list all tags on an Amazon RDS resource
*
* Access Level: Read
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ListTagsForResource.html
*/
toListTagsForResource() {
return this.to('ListTagsForResource');
}
/**
* Grants permission to modify a database activity stream
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyActivityStream.html
*/
toModifyActivityStream() {
return this.to('ModifyActivityStream');
}
/**
* Grants permission to modify the system-default Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificate for Amazon RDS for new DB instances
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyCertificates.html
*/
toModifyCertificates() {
return this.to('ModifyCertificates');
}
/**
* Grants permission to modify current cluster capacity for an Amazon Aurora Serverless DB cluster
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyCurrentDBClusterCapacity.html
*/
toModifyCurrentDBClusterCapacity() {
return this.to('ModifyCurrentDBClusterCapacity');
}
/**
* Grants permission to modify an existing custom engine version
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyCustomDBEngineVersion.html
*/
toModifyCustomDBEngineVersion() {
return this.to('ModifyCustomDBEngineVersion');
}
/**
* Grants permission to modify a setting for an Amazon Aurora DB cluster or Amazon DocumentDB cluster
*
* Access Level: Write
*
* Possible conditions:
* - .ifDatabaseClass()
* - .ifStorageSize()
* - .ifPiops()
* - .ifManageMasterUserPassword()
*
* Dependent actions:
* - iam:PassRole
* - kms:CreateGrant
* - kms:Decrypt
* - kms:DescribeKey
* - kms:GenerateDataKey
* - rds:ModifyDBInstance
* - secretsmanager:CreateSecret
* - secretsmanager:RotateSecret
* - secretsmanager:TagResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBCluster.html
*/
toModifyDBCluster() {
return this.to('ModifyDBCluster');
}
/**
* Grants permission to modify the properties of an endpoint in an Amazon Aurora DB cluster or Amazon DocumentDB cluster
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBClusterEndpoint.html
*/
toModifyDBClusterEndpoint() {
return this.to('ModifyDBClusterEndpoint');
}
/**
* Grants permission to modify the parameters of a DB cluster parameter group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBClusterParameterGroup.html
*/
toModifyDBClusterParameterGroup() {
return this.to('ModifyDBClusterParameterGroup');
}
/**
* Grants permission to add an attribute and values to, or removes an attribute and values from, a manual DB cluster snapshot
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBClusterSnapshotAttribute.html
*/
toModifyDBClusterSnapshotAttribute() {
return this.to('ModifyDBClusterSnapshotAttribute');
}
/**
* Grants permission to modify settings for a DB instance
*
* Access Level: Write
*
* Possible conditions:
* - .ifManageMasterUserPassword()
*
* Dependent actions:
* - iam:PassRole
* - kms:CreateGrant
* - kms:Decrypt
* - kms:DescribeKey
* - kms:GenerateDataKey
* - rds:AddTagsToResource
* - rds:CreateTenantDatabase
* - secretsmanager:CreateSecret
* - secretsmanager:RotateSecret
* - secretsmanager:TagResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBInstance.html
*/
toModifyDBInstance() {
return this.to('ModifyDBInstance');
}
/**
* Grants permission to modify the parameters of a DB parameter group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBParameterGroup.html
*/
toModifyDBParameterGroup() {
return this.to('ModifyDBParameterGroup');
}
/**
* Grants permission to modify database proxy
*
* Access Level: Write
*
* Dependent actions:
* - iam:PassRole
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBProxy.html
*/
toModifyDBProxy() {
return this.to('ModifyDBProxy');
}
/**
* Grants permission to modify database proxy endpoint
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBProxyEndpoint.html
*/
toModifyDBProxyEndpoint() {
return this.to('ModifyDBProxyEndpoint');
}
/**
* Grants permission to modify target group for a database proxy
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBProxyTargetGroup.html
*/
toModifyDBProxyTargetGroup() {
return this.to('ModifyDBProxyTargetGroup');
}
/**
* Grants permission to modify recommendation
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBRecommendation.html
*/
toModifyDBRecommendation() {
return this.to('ModifyDBRecommendation');
}
/**
* Grants permission to modify properties of an Aurora Limitless Database DB shard group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBShardGroup.html
*/
toModifyDBShardGroup() {
return this.to('ModifyDBShardGroup');
}
/**
* Grants permission to update a manual DB snapshot, which can be encrypted or not encrypted, with a new engine version
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBSnapshot.html
*/
toModifyDBSnapshot() {
return this.to('ModifyDBSnapshot');
}
/**
* Grants permission to add an attribute and values to, or removes an attribute and values from, a manual DB snapshot
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBSnapshotAttribute.html
*/
toModifyDBSnapshotAttribute() {
return this.to('ModifyDBSnapshotAttribute');
}
/**
* Grants permission to modify an existing DB subnet group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBSubnetGroup.html
*/
toModifyDBSubnetGroup() {
return this.to('ModifyDBSubnetGro