cdk-iam-floyd

import { AccessLevelList } from '../../shared/access-level'; import { PolicyStatement, Operator } from '../../shared'; import { aws_iam as iam } from "aws-cdk-lib"; /** * Statement provider for service [datapipeline](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsdatapipeline.html). * * @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement */ export declare class Datapipeline extends PolicyStatement { servicePrefix: string; /** * Grants permission to validate the specified pipeline and starts processing pipeline tasks. If the pipeline does not pass validation, activation fails * * Access Level: Write * * Possible conditions: * - .ifPipelineCreator() * - .ifTag() * - .ifWorkerGroup() * * https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_ActivatePipeline.html */ toActivatePipeline(): this; /** * Grants permission to add or modify tags for the specified pipeline * * Access Level: Tagging * * Possible conditions: * - .ifPipelineCreator() * - .ifTag() * - .ifAwsTagKeys() * - .ifAwsRequestTag() * * https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_AddTags.html */ toAddTags(): this; /** * Grants permission to create a new, empty pipeline * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * - .ifTag() * * Dependent actions: * - datapipeline:AddTags * * https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_CreatePipeline.html */ toCreatePipeline(): this; /** * Grants permission to Deactivate the specified running pipeline * * Access Level: Write * * Possible conditions: * - .ifPipelineCreator() * - .ifTag() * - .ifWorkerGroup() * * https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_DeactivatePipeline.html */ toDeactivatePipeline(): this; /** * Grants permission to delete a pipeline, its pipeline definition, and its run history * * Access Level: Write * * Possible conditions: * - .ifPipelineCreator() * - .ifTag() * * https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_DeletePipeline.html */ toDeletePipeline(): this; /** * Grants permission to get the object definitions for a set of objects associated with the pipeline * * Access Level: Read * * Possible conditions: * - .ifPipelineCreator() * - .ifTag() * * https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_DescribeObjects.html */ toDescribeObjects(): this; /** * Grants permission to retrieves metadata about one or more pipelines * * Access Level: Read * * Possible conditions: * - .ifPipelineCreator() * - .ifTag() * * https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_DescribePipelines.html */ toDescribePipelines(): this; /** * Grants permission to task runners to call EvaluateExpression, to evaluate a string in the context of the specified object * * Access Level: Read * * Possible conditions: * - .ifPipelineCreator() * - .ifTag() * * https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_EvaluateExpression.html */ toEvaluateExpression(): this; /** * Grants permission to call GetAccountLimits * * Access Level: List * * https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_GetAccountLimits.html */ toGetAccountLimits(): this; /** * Grants permission to gets the definition of the specified pipeline * * Access Level: Read * * Possible conditions: * - .ifPipelineCreator() * - .ifTag() * - .ifWorkerGroup() * * https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_GetPipelineDefinition.html */ toGetPipelineDefinition(): this; /** * Grants permission to list the pipeline identifiers for all active pipelines that you have permission to access * * Access Level: List * * https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_ListPipelines.html */ toListPipelines(): this; /** * Grants permission to task runners to call PollForTask, to receive a task to perform from AWS Data Pipeline * * Access Level: Write * * Possible conditions: * - .ifWorkerGroup() * * https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_PollForTask.html */ toPollForTask(): this; /** * Grants permission to call PutAccountLimits * * Access Level: Write * * https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_PutAccountLimits.html */ toPutAccountLimits(): this; /** * Grants permission to add tasks, schedules, and preconditions to the specified pipeline * * Access Level: Write * * Possible conditions: * - .ifPipelineCreator() * - .ifTag() * - .ifWorkerGroup() * * https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_PutPipelineDefinition.html */ toPutPipelineDefinition(): this; /** * Grants permission to query the specified pipeline for the names of objects that match the specified set of conditions * * Access Level: Read * * Possible conditions: * - .ifPipelineCreator() * - .ifTag() * * https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_QueryObjects.html */ toQueryObjects(): this; /** * Grants permission to remove existing tags from the specified pipeline * * Access Level: Tagging * * Possible conditions: * - .ifPipelineCreator() * - .ifTag() * - .ifAwsTagKeys() * - .ifAwsRequestTag() * * https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_RemoveTags.html */ toRemoveTags(): this; /** * Grants permission to task runners to call ReportTaskProgress, when they are assigned a task to acknowledge that it has the task * * Access Level: Write * * https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_ReportTaskProgress.html */ toReportTaskProgress(): this; /** * Grants permission to task runners to call ReportTaskRunnerHeartbeat every 15 minutes to indicate that they are operational * * Access Level: Write * * https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_ReportTaskRunnerHeartbeat.html */ toReportTaskRunnerHeartbeat(): this; /** * Grants permission to requests that the status of the specified physical or logical pipeline objects be updated in the specified pipeline * * Access Level: Write * * Possible conditions: * - .ifPipelineCreator() * - .ifTag() * * https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_SetStatus.html */ toSetStatus(): this; /** * Grants permission to task runners to call SetTaskStatus to notify AWS Data Pipeline that a task is completed and provide information about the final status * * Access Level: Write * * https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_SetTaskStatus.html */ toSetTaskStatus(): this; /** * Grants permission to validate the specified pipeline definition to ensure that it is well formed and can be run without error * * Access Level: Read * * Possible conditions: * - .ifPipelineCreator() * - .ifTag() * - .ifWorkerGroup() * * https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_ValidatePipelineDefinition.html */ toValidatePipelineDefinition(): this; protected accessLevelList: AccessLevelList; /** * Adds a resource of type pipeline to the statement * * https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsdatapipeline.html * * @param pipelineId - Identifier for the pipelineId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onPipeline(pipelineId: string, account?: string, region?: string, partition?: string): this; /** * Filters access by the presence of tag key-value pairs in the request * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag * * Applies to actions: * - .toAddTags() * - .toCreatePipeline() * - .toRemoveTags() * * @param tagKey The tag key to check * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsRequestTag(tagKey: string, value: string | string[], operator?: Operator | string): this; /** * Filters access by tag key-value pairs attached to the resource * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag * * Applies to resource types: * - pipeline * * @param tagKey The tag key to check * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsResourceTag(tagKey: string, value: string | string[], operator?: Operator | string): this; /** * Filters access by the presence of tag keys in the request * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys * * Applies to actions: * - .toAddTags() * - .toCreatePipeline() * - .toRemoveTags() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsTagKeys(value: string | string[], operator?: Operator | string): this; /** * Filters access by the IAM user that created the pipeline * * https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-example-tag-policies.html#ex3 * * Applies to actions: * - .toActivatePipeline() * - .toAddTags() * - .toDeactivatePipeline() * - .toDeletePipeline() * - .toDescribeObjects() * - .toDescribePipelines() * - .toEvaluateExpression() * - .toGetPipelineDefinition() * - .toPutPipelineDefinition() * - .toQueryObjects() * - .toRemoveTags() * - .toSetStatus() * - .toValidatePipelineDefinition() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifPipelineCreator(value: string | string[], operator?: Operator | string): this; /** * Filters access by customer-specified key/value pair that can be attached to a resource * * https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-iam-resourcebased-access.html#dp-control-access-tags * * Applies to actions: * - .toActivatePipeline() * - .toAddTags() * - .toCreatePipeline() * - .toDeactivatePipeline() * - .toDeletePipeline() * - .toDescribeObjects() * - .toDescribePipelines() * - .toEvaluateExpression() * - .toGetPipelineDefinition() * - .toPutPipelineDefinition() * - .toQueryObjects() * - .toRemoveTags() * - .toSetStatus() * - .toValidatePipelineDefinition() * * @param tagKey The tag key to check * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifTag(tagKey: string, value: string | string[], operator?: Operator | string): this; /** * Filters access by the name of a worker group for which a Task Runner retrieves work * * https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-iam-resourcebased-access.html#dp-control-access-workergroup * * Applies to actions: * - .toActivatePipeline() * - .toDeactivatePipeline() * - .toGetPipelineDefinition() * - .toPollForTask() * - .toPutPipelineDefinition() * - .toValidatePipelineDefinition() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifWorkerGroup(value: string | string[], operator?: Operator | string): this; /** * Statement provider for service [datapipeline](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsdatapipeline.html). * */ constructor(props?: iam.PolicyStatementProps); }