cdk-iam-floyd

AWS IAM policy statement generator with fluent interface for AWS CDK

import { AccessLevelList } from '../../shared/access-level';
import { PolicyStatement, Operator } from '../../shared';
import { aws_iam as iam } from "aws-cdk-lib";
/**
 * Statement provider for service [ssm-incidents](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssystemsmanagerincidentmanager.html).
 *
 * This is an ambient declaration: only signatures are visible here, the
 * implementation lives in the compiled module.
 *
 * Every `to*()` (action), `on*()` (resource) and `if*()` (condition) method is
 * declared to return `this`, so calls can be chained into one statement.
 *
 * Review guidance for statements built with this class:
 * - Prefer the individual `to*()` actions a workload needs over broad grants,
 *   and pair them with an `on*()` resource wherever the action supports one.
 * - The actions marked "Permissions management" and the ones listing
 *   `iam:PassRole` / `iam:CreateServiceLinkedRole` as dependent actions are the
 *   ones that can widen access; review them separately.
 */
export declare class SsmIncidents extends PolicyStatement {
    // IAM service prefix used for the actions of this statement. The value is not
    // visible in this declaration; presumably `ssm-incidents` - TODO confirm.
    servicePrefix: string;
    /**
     * Grants permission to retrieve details about specified findings for an incident record
     *
     * Access Level: Read
     *
     * https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_BatchGetIncidentFindings.html
     */
    toBatchGetIncidentFindings(): this;
    /**
     * Grants permission to create a replication set
     *
     * Access Level: Write
     *
     * Possible conditions:
     * - .ifAwsTagKeys()
     * - .ifAwsRequestTag()
     *
     * Dependent actions:
     * - iam:CreateServiceLinkedRole
     * - ssm-incidents:TagResource
     *
     * Security note: the dependent `iam:CreateServiceLinkedRole` is granted in a
     * separate IAM statement. Constrain that statement with the
     * `iam:AWSServiceName` condition key so it cannot be used to create
     * service-linked roles for unrelated services.
     *
     * https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_CreateReplicationSet.html
     */
    toCreateReplicationSet(): this;
    /**
     * Grants permission to create a response plan
     *
     * Access Level: Write
     *
     * Possible conditions:
     * - .ifAwsTagKeys()
     * - .ifAwsRequestTag()
     *
     * Dependent actions:
     * - iam:PassRole
     * - ssm-incidents:TagResource
     *
     * Security note: the dependent `iam:PassRole` is granted in a separate IAM
     * statement. Scope that statement to the specific role ARN(s) the response
     * plan needs and, where possible, add an `iam:PassedToService` condition; a
     * wildcard `iam:PassRole` lets the caller attach any passable role.
     *
     * https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_CreateResponsePlan.html
     */
    toCreateResponsePlan(): this;
    /**
     * Grants permission to create a timeline event for an incident record
     *
     * Access Level: Write
     *
     * https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_CreateTimelineEvent.html
     */
    toCreateTimelineEvent(): this;
    /**
     * Grants permission to delete an incident record
     *
     * Access Level: Write
     *
     * Security note: incident records are part of the incident-response audit
     * trail. Consider granting this action only to a small set of principals.
     *
     * https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_DeleteIncidentRecord.html
     */
    toDeleteIncidentRecord(): this;
    /**
     * Grants permission to delete a replication set
     *
     * Access Level: Write
     *
     * https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_DeleteReplicationSet.html
     */
    toDeleteReplicationSet(): this;
    /**
     * Grants permission to delete resource policy from a response plan
     *
     * Access Level: Permissions management
     *
     * Security note: this action changes who is allowed to use a response plan.
     * Grant it narrowly and review it together with .toPutResourcePolicy().
     *
     * https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_DeleteResourcePolicy.html
     */
    toDeleteResourcePolicy(): this;
    /**
     * Grants permission to delete a response plan
     *
     * Access Level: Write
     *
     * https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_DeleteResponsePlan.html
     */
    toDeleteResponsePlan(): this;
    /**
     * Grants permission to delete a timeline event
     *
     * Access Level: Write
     *
     * Security note: timeline events document what happened during an incident.
     * Consider separating this action from day-to-day responder permissions.
     *
     * https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_DeleteTimelineEvent.html
     */
    toDeleteTimelineEvent(): this;
    /**
     * Grants permission to view the contents of an incident record
     *
     * Access Level: Read
     *
     * https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_GetIncidentRecord.html
     */
    toGetIncidentRecord(): this;
    /**
     * Grants permission to view the replication set
     *
     * Access Level: Read
     *
     * https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_GetReplicationSet.html
     */
    toGetReplicationSet(): this;
    /**
     * Grants permission to view resource policies of a response plan
     *
     * Access Level: Read
     *
     * https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_GetResourcePolicies.html
     */
    toGetResourcePolicies(): this;
    /**
     * Grants permission to view the contents of a specified response plan
     *
     * Access Level: Read
     *
     * https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_GetResponsePlan.html
     */
    toGetResponsePlan(): this;
    /**
     * Grants permission to view a timeline event
     *
     * Access Level: Read
     *
     * https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_GetTimelineEvent.html
     */
    toGetTimelineEvent(): this;
    /**
     * Grants permission to list findings for an incident record
     *
     * Access Level: List
     *
     * https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_ListIncidentFindings.html
     */
    toListIncidentFindings(): this;
    /**
     * Grants permission to list the contents of all incident records
     *
     * Access Level: List
     *
     * https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_ListIncidentRecords.html
     */
    toListIncidentRecords(): this;
    /**
     * Grants permission to list related items of an incident record
     *
     * Access Level: List
     *
     * https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_ListRelatedItems.html
     */
    toListRelatedItems(): this;
    /**
     * Grants permission to list all replication sets
     *
     * Access Level: List
     *
     * https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_ListReplicationSets.html
     */
    toListReplicationSets(): this;
    /**
     * Grants permission to list all response plans
     *
     * Access Level: List
     *
     * https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_ListResponsePlans.html
     */
    toListResponsePlans(): this;
    /**
     * Grants permission to view a list of resource tags for a specified resource
     *
     * Access Level: Read
     *
     * https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_ListTagsForResource.html
     */
    toListTagsForResource(): this;
    /**
     * Grants permission to list all timeline events for an incident record
     *
     * Access Level: List
     *
     * https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_ListTimelineEvents.html
     */
    toListTimelineEvents(): this;
    /**
     * Grants permission to put resource policy on a response plan
     *
     * Access Level: Permissions management
     *
     * Security note: a resource policy decides which principals may use the
     * response plan, so this action can extend access beyond what identity
     * policies grant. Grant it narrowly; presumably it should be scoped with
     * .onResponsePlan() - confirm against the service authorization reference.
     *
     * https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_PutResourcePolicy.html
     */
    toPutResourcePolicy(): this;
    /**
     * Grants permission to start a new incident using a response plan
     *
     * Access Level: Write
     *
     * https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_StartIncident.html
     */
    toStartIncident(): this;
    /**
     * Grants permission to add tags to a response plan
     *
     * Access Level: Tagging
     *
     * Possible conditions:
     * - .ifAwsTagKeys()
     * - .ifAwsRequestTag()
     *
     * Security note: if any policy authorizes access through
     * .ifAwsResourceTag(), the ability to tag is effectively the ability to
     * change that authorization. Restrict the allowed keys with .ifAwsTagKeys().
     *
     * https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_TagResource.html
     */
    toTagResource(): this;
    /**
     * Grants permission to remove tags from a response plan
     *
     * Access Level: Tagging
     *
     * Possible conditions:
     * - .ifAwsTagKeys()
     *
     * Security note: removing a tag can also change the outcome of tag-based
     * conditions such as .ifAwsResourceTag(); treat it like .toTagResource().
     *
     * https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_UntagResource.html
     */
    toUntagResource(): this;
    /**
     * Grants permission to update replication set deletion protection
     *
     * Access Level: Write
     *
     * Security note: deletion protection is a safeguard on the replication set;
     * consider keeping this action apart from .toDeleteReplicationSet() so one
     * principal cannot both lift the safeguard and delete.
     *
     * https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_UpdateDeletionProtection.html
     */
    toUpdateDeletionProtection(): this;
    /**
     * Grants permission to update the contents of an incident record
     *
     * Access Level: Write
     *
     * https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_UpdateIncidentRecord.html
     */
    toUpdateIncidentRecord(): this;
    /**
     * Grants permission to update related items of an incident record
     *
     * Access Level: Write
     *
     * https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_UpdateRelatedItems.html
     */
    toUpdateRelatedItems(): this;
    /**
     * Grants permission to update a replication set
     *
     * Access Level: Write
     *
     * https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_UpdateReplicationSet.html
     */
    toUpdateReplicationSet(): this;
    /**
     * Grants permission to update the contents of a response plan
     *
     * Access Level: Write
     *
     * Possible conditions:
     * - .ifAwsTagKeys()
     * - .ifAwsRequestTag()
     *
     * Dependent actions:
     * - iam:PassRole
     * - ssm-incidents:TagResource
     *
     * Security note: the dependent `iam:PassRole` is granted in a separate IAM
     * statement. Scope that statement to the specific role ARN(s) the response
     * plan needs and, where possible, add an `iam:PassedToService` condition.
     *
     * https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_UpdateResponsePlan.html
     */
    toUpdateResponsePlan(): this;
    /**
     * Grants permission to update a timeline event
     *
     * Access Level: Write
     *
     * https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_UpdateTimelineEvent.html
     */
    toUpdateTimelineEvent(): this;
    // Declared as protected; the contents are not visible in this declaration.
    // Presumably groups the actions above by access level (Read, List, Write,
    // Tagging, Permissions management) - TODO confirm against the implementation.
    protected accessLevelList: AccessLevelList;
    /**
     * Adds a resource of type response-plan to the statement
     *
     * https://docs.aws.amazon.com/incident-manager/latest/userguide/response-plans.html
     *
     * @param responsePlan - Identifier for the responsePlan.
     * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
     * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
     * @returns this statement, for chaining
     *
     * Security note: when `account` is left at the documented non-CDK default of
     * `*`, the resource matches response plans in any account. Pass the account
     * ID explicitly when least privilege matters.
     *
     * Possible conditions:
     * - .ifAwsResourceTag()
     */
    onResponsePlan(responsePlan: string, account?: string, partition?: string): this;
    /**
     * Adds a resource of type incident-record to the statement
     *
     * https://docs.aws.amazon.com/incident-manager/latest/userguide/tracking-details.html
     *
     * @param responsePlan - Identifier for the responsePlan.
     * @param incidentRecord - Identifier for the incidentRecord.
     * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
     * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
     * @returns this statement, for chaining
     *
     * Security note: when `account` is left at the documented non-CDK default of
     * `*`, the resource matches incident records in any account. Pass the
     * account ID explicitly when least privilege matters.
     *
     * Possible conditions:
     * - .ifAwsResourceTag()
     */
    onIncidentRecord(responsePlan: string, incidentRecord: string, account?: string, partition?: string): this;
    /**
     * Adds a resource of type replication-set to the statement
     *
     * https://docs.aws.amazon.com/incident-manager/latest/userguide/disaster-recovery-resiliency.html#replication
     *
     * @param replicationSet - Identifier for the replicationSet.
     * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
     * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
     * @returns this statement, for chaining
     *
     * Security note: when `account` is left at the documented non-CDK default of
     * `*`, the resource matches replication sets in any account. Pass the
     * account ID explicitly when least privilege matters.
     *
     * Possible conditions:
     * - .ifAwsResourceTag()
     */
    onReplicationSet(replicationSet: string, account?: string, partition?: string): this;
    /**
     * Filters access by the tags that are passed in the request
     *
     * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag
     *
     * Applies to actions:
     * - .toCreateReplicationSet()
     * - .toCreateResponsePlan()
     * - .toTagResource()
     * - .toUpdateResponsePlan()
     *
     * Security note: the documented default operator is `StringLike`, which
     * treats `*` and `?` in `value` as wildcards. Pass `StringEquals` when an
     * exact tag value is intended.
     *
     * @param tagKey The tag key to check
     * @param value The value(s) to check
     * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
     * @returns this statement, for chaining
     */
    ifAwsRequestTag(tagKey: string, value: string | string[], operator?: Operator | string): this;
    /**
     * Filters access by the tags associated with the resource
     *
     * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag
     *
     * Applies to resource types:
     * - response-plan
     * - incident-record
     * - replication-set
     *
     * Security note: the documented default operator is `StringLike`, which
     * treats `*` and `?` in `value` as wildcards. Pass `StringEquals` when an
     * exact tag value is intended. A resource-tag condition is only as strong
     * as the control over who may tag: review .toTagResource() and
     * .toUntagResource() grants alongside it.
     *
     * @param tagKey The tag key to check
     * @param value The value(s) to check
     * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
     * @returns this statement, for chaining
     */
    ifAwsResourceTag(tagKey: string, value: string | string[], operator?: Operator | string): this;
    /**
     * Filters access by the tag keys that are passed in the request
     *
     * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys
     *
     * Applies to actions:
     * - .toCreateReplicationSet()
     * - .toCreateResponsePlan()
     * - .toTagResource()
     * - .toUntagResource()
     * - .toUpdateResponsePlan()
     *
     * Security note: the documented default operator is `StringLike`, which
     * treats `*` and `?` in `value` as wildcards. `aws:TagKeys` is a
     * multi-valued key, so confirm that the operator you pass expresses the set
     * semantics you intend (IAM offers `ForAllValues:` / `ForAnyValue:`
     * qualifiers); how this library renders them is not visible here.
     *
     * @param value The value(s) to check
     * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
     * @returns this statement, for chaining
     */
    ifAwsTagKeys(value: string | string[], operator?: Operator | string): this;
    /**
     * Statement provider for service [ssm-incidents](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssystemsmanagerincidentmanager.html).
     *
     * @param props - Optional CDK policy statement properties, typed as
     * `iam.PolicyStatementProps`; how they are applied is not visible in this
     * declaration.
     */
    constructor(props?: iam.PolicyStatementProps);
}