cdk-iam-floyd
Version:
AWS IAM policy statement generator with fluent interface for AWS CDK
1,959 lines • 167 kB
JavaScript
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.Datazone = void 0;
const shared_1 = require("../../shared");
/**
* Statement provider for service [datazone](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazondatazone.html).
*
* @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement
*/
class Datazone extends shared_1.PolicyStatement {
/**
* Grants permission to accept prediction
*
* Access Level: Write
*/
toAcceptPredictions() {
return this.to('AcceptPredictions');
}
/**
* Grants permission to approve a subscription request for a Data Asset
*
* Access Level: Write
*/
toAcceptSubscriptionRequest() {
return this.to('AcceptSubscriptionRequest');
}
/**
* Grants permission to add an owner to an entity like domain unit
*
* Access Level: Write
*/
toAddEntityOwner() {
return this.to('AddEntityOwner');
}
/**
* Grants permission to add a policy grant
*
* Access Level: Permissions management
*/
toAddPolicyGrant() {
return this.to('AddPolicyGrant');
}
/**
* Grants permission to associate a role in a default service blueprint environment
*
* Access Level: Write
*/
toAssociateEnvironmentRole() {
return this.to('AssociateEnvironmentRole');
}
/**
* Grants permission to associate governed terms to an asset
*
* Access Level: Write
*/
toAssociateGovernedTerms() {
return this.to('AssociateGovernedTerms');
}
/**
* Grants permission to remove linked type items from an Amazon DataZone Domain
*
* Access Level: Write
*/
toBatchDeleteLinkedTypes() {
return this.to('BatchDeleteLinkedTypes');
}
/**
* Grants permission to retrieve attributes metadata
*
* Access Level: Read
*/
toBatchGetAttributesMetadata() {
return this.to('BatchGetAttributesMetadata');
}
/**
* Grants permission to batch get cells
*
* Access Level: Read
*/
toBatchGetCell() {
return this.to('BatchGetCell');
}
/**
* Grants permission to batch get cell runs
*
* Access Level: Read
*/
toBatchGetCellRun() {
return this.to('BatchGetCellRun');
}
/**
* Grants permission to create and update attributes metadata
*
* Access Level: Write
*/
toBatchPutAttributesMetadata() {
return this.to('BatchPutAttributesMetadata');
}
/**
* Grants permission to put linked type items to an Amazon DataZone Domain
*
* Access Level: Write
*/
toBatchPutLinkedTypes() {
return this.to('BatchPutLinkedTypes');
}
/**
* Grants permission to cancel an in-progress agent response
*
* Access Level: Write
*/
toCancelMessage() {
return this.to('CancelMessage');
}
/**
* Grants permission to cancel metadata generation run
*
* Access Level: Write
*/
toCancelMetadataGenerationRun() {
return this.to('CancelMetadataGenerationRun');
}
/**
* Grants permission to revoke or unsubscribe an approved subscription to Data Asset
*
* Access Level: Write
*/
toCancelSubscription() {
return this.to('CancelSubscription');
}
/**
* Grants permission to create an account pool
*
* Access Level: Write
*/
toCreateAccountPool() {
return this.to('CreateAccountPool');
}
/**
* Grants permission to create asset
*
* Access Level: Write
*/
toCreateAsset() {
return this.to('CreateAsset');
}
/**
* Grants permission to create asset filter
*
* Access Level: Write
*/
toCreateAssetFilter() {
return this.to('CreateAssetFilter');
}
/**
* Grants permission to create new revision of an asset
*
* Access Level: Write
*/
toCreateAssetRevision() {
return this.to('CreateAssetRevision');
}
/**
* Grants permission to create an asset type
*
* Access Level: Write
*/
toCreateAssetType() {
return this.to('CreateAssetType');
}
/**
* Grants permission to create cells
*
* Access Level: Write
*/
toCreateCell() {
return this.to('CreateCell');
}
/**
* Grants permission to create cell runs
*
* Access Level: Write
*/
toCreateCellRun() {
return this.to('CreateCellRun');
}
/**
* Grants permission to create connections
*
* Access Level: Write
*/
toCreateConnection() {
return this.to('CreateConnection');
}
/**
* Grants permission to create data product
*
* Access Level: Write
*/
toCreateDataProduct() {
return this.to('CreateDataProduct');
}
/**
* Grants permission to create data product revision
*
* Access Level: Write
*/
toCreateDataProductRevision() {
return this.to('CreateDataProductRevision');
}
/**
* Grants permission to create a new DataSource
*
* Access Level: Write
*/
toCreateDataSource() {
return this.to('CreateDataSource');
}
/**
* Grants permission to provision a domain which is a top level entity that contains other Amazon DataZone resources
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*/
toCreateDomain() {
return this.to('CreateDomain');
}
/**
* Grants permission to create a domain unit
*
* Access Level: Write
*/
toCreateDomainUnit() {
return this.to('CreateDomainUnit');
}
/**
* Grants permission to create a collection of configurated resources used to publish and subscribe to data
*
* Access Level: Write
*/
toCreateEnvironment() {
return this.to('CreateEnvironment');
}
/**
* Grants permission to create an environment action in a default service blueprint environment
*
* Access Level: Write
*/
toCreateEnvironmentAction() {
return this.to('CreateEnvironmentAction');
}
/**
* Grants permission to create a custom Environment Blueprint that allow user to add Environments to their Project
*
* Access Level: Write
*/
toCreateEnvironmentBlueprint() {
return this.to('CreateEnvironmentBlueprint');
}
/**
* Grants permission to create a template from a Blueprint that can be used to create a Environment
*
* Access Level: Write
*/
toCreateEnvironmentProfile() {
return this.to('CreateEnvironmentProfile');
}
/**
* Grants permission to create a form type or a new revision of it
*
* Access Level: Write
*/
toCreateFormType() {
return this.to('CreateFormType');
}
/**
* Grants permission to create a business glossary
*
* Access Level: Write
*/
toCreateGlossary() {
return this.to('CreateGlossary');
}
/**
* Grants permission to create a glossary term
*
* Access Level: Write
*/
toCreateGlossaryTerm() {
return this.to('CreateGlossaryTerm');
}
/**
* Grants permission to create a DataZone group profile for an IAM Identity Center group
*
* Access Level: Write
*/
toCreateGroupProfile() {
return this.to('CreateGroupProfile');
}
/**
* Grants permission to create listing change set
*
* Access Level: Write
*/
toCreateListingChangeSet() {
return this.to('CreateListingChangeSet');
}
/**
* Grants permission to create notebooks
*
* Access Level: Write
*/
toCreateNotebook() {
return this.to('CreateNotebook');
}
/**
* Grants permission to create a Project to enable your team to publish and subscribe to data
*
* Access Level: Write
*/
toCreateProject() {
return this.to('CreateProject');
}
/**
* Grants permission to add a user to a Project
*
* Access Level: Write
*/
toCreateProjectMembership() {
return this.to('CreateProjectMembership');
}
/**
* Grants permission to create a project profile
*
* Access Level: Write
*/
toCreateProjectProfile() {
return this.to('CreateProjectProfile');
}
/**
* Grants permission to create rule
*
* Access Level: Write
*/
toCreateRule() {
return this.to('CreateRule');
}
/**
* Grants permission to create a grant for an approved subscription on a subscription target
*
* Access Level: Write
*/
toCreateSubscriptionGrant() {
return this.to('CreateSubscriptionGrant');
}
/**
* Grants permission to create a subscription request for a Data Asset
*
* Access Level: Write
*/
toCreateSubscriptionRequest() {
return this.to('CreateSubscriptionRequest');
}
/**
* Grants permission to create a subscription target for a Environment in the project
*
* Access Level: Write
*/
toCreateSubscriptionTarget() {
return this.to('CreateSubscriptionTarget');
}
/**
* Grants permission to create a user profile for an existing user in the customers IAM Identity Center
*
* Access Level: Write
*/
toCreateUserProfile() {
return this.to('CreateUserProfile');
}
/**
* Grants permission to delete an account pool
*
* Access Level: Write
*/
toDeleteAccountPool() {
return this.to('DeleteAccountPool');
}
/**
* Grants permission to delete an asset
*
* Access Level: Write
*/
toDeleteAsset() {
return this.to('DeleteAsset');
}
/**
* Grants permission to delete asset filter
*
* Access Level: Write
*/
toDeleteAssetFilter() {
return this.to('DeleteAssetFilter');
}
/**
* Grants permission to delete an asset type
*
* Access Level: Write
*/
toDeleteAssetType() {
return this.to('DeleteAssetType');
}
/**
* Grants permission to delete cells
*
* Access Level: Write
*/
toDeleteCell() {
return this.to('DeleteCell');
}
/**
* Grants permission to delete cell runs
*
* Access Level: Write
*/
toDeleteCellRun() {
return this.to('DeleteCellRun');
}
/**
* Grants permission to delete connections
*
* Access Level: Write
*/
toDeleteConnection() {
return this.to('DeleteConnection');
}
/**
* Grants permission to delete DataZone catalog data export configuration
*
* Access Level: Write
*/
toDeleteDataExportConfiguration() {
return this.to('DeleteDataExportConfiguration');
}
/**
* Grants permission to delete data product
*
* Access Level: Write
*/
toDeleteDataProduct() {
return this.to('DeleteDataProduct');
}
/**
* Grants permission to update existing DataSource
*
* Access Level: Write
*/
toDeleteDataSource() {
return this.to('DeleteDataSource');
}
/**
* Grants permission to delete a provisioned domain
*
* Access Level: Write
*/
toDeleteDomain() {
return this.to('DeleteDomain');
}
/**
* Grants permission to delete a resource policy for a DataZone Domain
*
* Access Level: Permissions management
*/
toDeleteDomainSharingPolicy() {
return this.to('DeleteDomainSharingPolicy');
}
/**
* Grants permission to delete an existing domain unit
*
* Access Level: Write
*/
toDeleteDomainUnit() {
return this.to('DeleteDomainUnit');
}
/**
* Grants permission to Delete Environment
*
* Access Level: Write
*/
toDeleteEnvironment() {
return this.to('DeleteEnvironment');
}
/**
* Grants permission to delete an environment action in a default service blueprint environment
*
* Access Level: Write
*/
toDeleteEnvironmentAction() {
return this.to('DeleteEnvironmentAction');
}
/**
* Grants permission to delete Environment Blueprint
*
* Access Level: Write
*/
toDeleteEnvironmentBlueprint() {
return this.to('DeleteEnvironmentBlueprint');
}
/**
* Grants permission to delete environment blueprint configuration
*
* Access Level: Write
*/
toDeleteEnvironmentBlueprintConfiguration() {
return this.to('DeleteEnvironmentBlueprintConfiguration');
}
/**
* Grants permission to delete Environment Profile
*
* Access Level: Write
*/
toDeleteEnvironmentProfile() {
return this.to('DeleteEnvironmentProfile');
}
/**
* Grants permission to delete a form type
*
* Access Level: Write
*/
toDeleteFormType() {
return this.to('DeleteFormType');
}
/**
* Grants permission to delete a business glossary
*
* Access Level: Write
*/
toDeleteGlossary() {
return this.to('DeleteGlossary');
}
/**
* Grants permission to delete a glossary term
*
* Access Level: Write
*/
toDeleteGlossaryTerm() {
return this.to('DeleteGlossaryTerm');
}
/**
* Grants permission to delete listing
*
* Access Level: Write
*/
toDeleteListing() {
return this.to('DeleteListing');
}
/**
* Grants permission to delete notebooks
*
* Access Level: Write
*/
toDeleteNotebook() {
return this.to('DeleteNotebook');
}
/**
* Grants permission to delete a Project that enables your team to publish and subscribe to data
*
* Access Level: Write
*/
toDeleteProject() {
return this.to('DeleteProject');
}
/**
* Grants permission to remove a user from a project
*
* Access Level: Write
*/
toDeleteProjectMembership() {
return this.to('DeleteProjectMembership');
}
/**
* Grants permission to delete a project profile
*
* Access Level: Write
*/
toDeleteProjectProfile() {
return this.to('DeleteProjectProfile');
}
/**
* Grants permission to delete rule
*
* Access Level: Write
*/
toDeleteRule() {
return this.to('DeleteRule');
}
/**
* Grants permission to delete a subscription grant from a subscription target
*
* Access Level: Write
*/
toDeleteSubscriptionGrant() {
return this.to('DeleteSubscriptionGrant');
}
/**
* Grants permission to delete a pending subscription request for a Data Asset
*
* Access Level: Write
*/
toDeleteSubscriptionRequest() {
return this.to('DeleteSubscriptionRequest');
}
/**
* Grants permission to delete a subscription target from a Environment in the project
*
* Access Level: Write
*/
toDeleteSubscriptionTarget() {
return this.to('DeleteSubscriptionTarget');
}
/**
* Grants permission to delete existing TimeSeriesDataPoints
*
* Access Level: Write
*/
toDeleteTimeSeriesDataPoints() {
return this.to('DeleteTimeSeriesDataPoints');
}
/**
* Grants permission to disassociate a role in a default service blueprint environment
*
* Access Level: Write
*/
toDisassociateEnvironmentRole() {
return this.to('DisassociateEnvironmentRole');
}
/**
* Grants permission to disassociate governed terms to an asset
*
* Access Level: Write
*/
toDisassociateGovernedTerms() {
return this.to('DisassociateGovernedTerms');
}
/**
* Grants permission to generate code
*
* Access Level: Write
*/
toGenerateCode() {
return this.to('GenerateCode');
}
/**
* Grants permission to get account pool details
*
* Access Level: Read
*/
toGetAccountPool() {
return this.to('GetAccountPool');
}
/**
* Grants permission to retrieve an asset
*
* Access Level: Read
*/
toGetAsset() {
return this.to('GetAsset');
}
/**
* Grants permission to get asset filter
*
* Access Level: Read
*/
toGetAssetFilter() {
return this.to('GetAssetFilter');
}
/**
* Grants permission to get an asset type
*
* Access Level: Read
*/
toGetAssetType() {
return this.to('GetAssetType');
}
/**
* Grants permission to get cells
*
* Access Level: Read
*/
toGetCell() {
return this.to('GetCell');
}
/**
* Grants permission to get cell runs
*
* Access Level: Read
*/
toGetCellRun() {
return this.to('GetCellRun');
}
/**
* Grants permission to get cell run result
*
* Access Level: Read
*/
toGetCellRunResult() {
return this.to('GetCellRunResult');
}
/**
* Grants permission to get connections
*
* Access Level: Read
*/
toGetConnection() {
return this.to('GetConnection');
}
/**
* Grants permission to get conversations
*
* Access Level: Read
*/
toGetConversation() {
return this.to('GetConversation');
}
/**
* Grants permission to retrieve DataZone catalog data export configuration
*
* Access Level: Read
*/
toGetDataExportConfiguration() {
return this.to('GetDataExportConfiguration');
}
/**
* Grants permission to get data product
*
* Access Level: Read
*/
toGetDataProduct() {
return this.to('GetDataProduct');
}
/**
* Grants permission to Get a existing DataSource in Amazon DataZone using its identifier
*
* Access Level: Read
*/
toGetDataSource() {
return this.to('GetDataSource');
}
/**
* Grants permission to get DataSource run job in Amazon DataZone using it's identifier
*
* Access Level: Read
*/
toGetDataSourceRun() {
return this.to('GetDataSourceRun');
}
/**
* Grants permission to retrieve information about a domain
*
* Access Level: Read
*/
toGetDomain() {
return this.to('GetDomain');
}
/**
* Grants permission to use features that require access to domain execution role credentials
*
* Access Level: Read
*/
toGetDomainExecutionRoleCredentials() {
return this.to('GetDomainExecutionRoleCredentials');
}
/**
* Grants permission to retrieve a resource policy for a DataZone Domain
*
* Access Level: Read
*/
toGetDomainSharingPolicy() {
return this.to('GetDomainSharingPolicy');
}
/**
* Grants permission to get an existing domain unit
*
* Access Level: Read
*/
toGetDomainUnit() {
return this.to('GetDomainUnit');
}
/**
* Grants permission to get Environment details
*
* Access Level: Read
*/
toGetEnvironment() {
return this.to('GetEnvironment');
}
/**
* Grants permission to get an environment action in a default service blueprint environment
*
* Access Level: Read
*/
toGetEnvironmentAction() {
return this.to('GetEnvironmentAction');
}
/**
* Grants permission to get environment action link
*
* Access Level: Read
*/
toGetEnvironmentActionLink() {
return this.to('GetEnvironmentActionLink');
}
/**
* Grants permission to get Environment Blueprint details
*
* Access Level: Read
*/
toGetEnvironmentBlueprint() {
return this.to('GetEnvironmentBlueprint');
}
/**
* Grants permission to get environment blueprint configuration
*
* Access Level: Read
*/
toGetEnvironmentBlueprintConfiguration() {
return this.to('GetEnvironmentBlueprintConfiguration');
}
/**
* Grants permission to get short term credentials that assume the Environment user role
*
* Access Level: Read
*/
toGetEnvironmentCredentials() {
return this.to('GetEnvironmentCredentials');
}
/**
* Grants permission to get Environment Profile details
*
* Access Level: Read
*/
toGetEnvironmentProfile() {
return this.to('GetEnvironmentProfile');
}
/**
* Grants permission to get a form type
*
* Access Level: Read
*/
toGetFormType() {
return this.to('GetFormType');
}
/**
* Grants permission to get a business glossary
*
* Access Level: Read
*/
toGetGlossary() {
return this.to('GetGlossary');
}
/**
* Grants permission to get a glossary term
*
* Access Level: Read
*/
toGetGlossaryTerm() {
return this.to('GetGlossaryTerm');
}
/**
* Grants permission to retrieve an existing DataZone group profile
*
* Access Level: Read
*/
toGetGroupProfile() {
return this.to('GetGroupProfile');
}
/**
* Grants permission to an IAM principal to log into the DataZone Portal
*
* Access Level: Permissions management
*/
toGetIamPortalLoginUrl() {
return this.to('GetIamPortalLoginUrl');
}
/**
* Grants permission to get job runs
*
* Access Level: Read
*/
toGetJobRun() {
return this.to('GetJobRun');
}
/**
* Grants permission to get lineage events
*
* Access Level: Read
*/
toGetLineageEvent() {
return this.to('GetLineageEvent');
}
/**
* Grants permission to get the lineage node
*
* Access Level: Read
*/
toGetLineageNode() {
return this.to('GetLineageNode');
}
/**
* Grants permission to get listing
*
* Access Level: Read
*/
toGetListing() {
return this.to('GetListing');
}
/**
* Grants permission to get metadata generation run
*
* Access Level: Read
*/
toGetMetadataGenerationRun() {
return this.to('GetMetadataGenerationRun');
}
/**
* Grants permission to get notebooks
*
* Access Level: Read
*/
toGetNotebook() {
return this.to('GetNotebook');
}
/**
* Grants permission to get notebook compute
*
* Access Level: Read
*/
toGetNotebookCompute() {
return this.to('GetNotebookCompute');
}
/**
* Grants permission to get notebook exports
*
* Access Level: Read
*/
toGetNotebookExport() {
return this.to('GetNotebookExport');
}
/**
* Grants permission to get Project details
*
* Access Level: Read
*/
toGetProject() {
return this.to('GetProject');
}
/**
* Grants permission to get project profile details
*
* Access Level: Read
*/
toGetProjectProfile() {
return this.to('GetProjectProfile');
}
/**
* Grants permission to get rule
*
* Access Level: Read
*/
toGetRule() {
return this.to('GetRule');
}
/**
* Grants permission to retrieve a subscription
*
* Access Level: Read
*/
toGetSubscription() {
return this.to('GetSubscription');
}
/**
* Grants permission to get subscription eligibilty
*
* Access Level: Read
*/
toGetSubscriptionEligibility() {
return this.to('GetSubscriptionEligibility');
}
/**
* Grants permission to retireve a subscription grant
*
* Access Level: Read
*/
toGetSubscriptionGrant() {
return this.to('GetSubscriptionGrant');
}
/**
* Grants permission to reject a subscription request for a Data Asset
*
* Access Level: Read
*/
toGetSubscriptionRequestDetails() {
return this.to('GetSubscriptionRequestDetails');
}
/**
* Grants permission to retireve details of subscription target
*
* Access Level: Read
*/
toGetSubscriptionTarget() {
return this.to('GetSubscriptionTarget');
}
/**
* Grants permission to get an existing TimeSeriesDataPoints in Amazon DataZone using its identifier
*
* Access Level: Read
*/
toGetTimeSeriesDataPoint() {
return this.to('GetTimeSeriesDataPoint');
}
/**
* Grants permission to get update eligibility status for project constructs
*
* Access Level: Read
*/
toGetUpdateEligibility() {
return this.to('GetUpdateEligibility');
}
/**
* Grants permission to retrieve a user profile for an existing user in the DataZone Domain
*
* Access Level: Read
*/
toGetUserProfile() {
return this.to('GetUserProfile');
}
/**
* Grants permission to list Environments across all domains in an AWS Account
*
* Access Level: List
*/
toListAccountEnvironments() {
return this.to('ListAccountEnvironments');
}
/**
* Grants permission to list account pools
*
* Access Level: List
*/
toListAccountPools() {
return this.to('ListAccountPools');
}
/**
* Grants permission to list accounts in an account pool
*
* Access Level: List
*/
toListAccountsInAccountPool() {
return this.to('ListAccountsInAccountPool');
}
/**
* Grants permission to list asset filters
*
* Access Level: List
*/
toListAssetFilters() {
return this.to('ListAssetFilters');
}
/**
* Grants permission to list revisions of an asset
*
* Access Level: List
*/
toListAssetRevisions() {
return this.to('ListAssetRevisions');
}
/**
* Grants permission to list cell runs
*
* Access Level: List
*/
toListCellRuns() {
return this.to('ListCellRuns');
}
/**
* Grants permission to list connections
*
* Access Level: List
*/
toListConnections() {
return this.to('ListConnections');
}
/**
* Grants permission to list conversations
*
* Access Level: List
*/
toListConversations() {
return this.to('ListConversations');
}
/**
* Grants permission to list data product revisions
*
* Access Level: List
*/
toListDataProductRevisions() {
return this.to('ListDataProductRevisions');
}
/**
* Grants permission to list DataSource runs job's activities on Asset
*
* Access Level: List
*/
toListDataSourceRunActivities() {
return this.to('ListDataSourceRunActivities');
}
/**
* Grants permission to list DataSource runs job
*
* Access Level: List
*/
toListDataSourceRuns() {
return this.to('ListDataSourceRuns');
}
/**
* Grants permission to list existing DataSources
*
* Access Level: List
*/
toListDataSources() {
return this.to('ListDataSources');
}
/**
* Grants permission to list child domain units for a given parent domain unit
*
* Access Level: List
*/
toListDomainUnitsForParent() {
return this.to('ListDomainUnitsForParent');
}
/**
* Grants permission to retrieve all domains
*
* Access Level: List
*/
toListDomains() {
return this.to('ListDomains');
}
/**
* Grants permission to list owners of an entity like domain unit
*
* Access Level: List
*/
toListEntityOwners() {
return this.to('ListEntityOwners');
}
/**
* Grants permission to list environment actions in a default service blueprint environment
*
* Access Level: List
*/
toListEnvironmentActions() {
return this.to('ListEnvironmentActions');
}
/**
* Grants permission to list environment blueprint configuration summaries
*
* Access Level: List
*/
toListEnvironmentBlueprintConfigurationSummaries() {
return this.to('ListEnvironmentBlueprintConfigurationSummaries');
}
/**
* Grants permission to list environment blueprint configurations
*
* Access Level: List
*/
toListEnvironmentBlueprintConfigurations() {
return this.to('ListEnvironmentBlueprintConfigurations');
}
/**
* Grants permission to list Domain for Environment Blueprints
*
* Access Level: List
*/
toListEnvironmentBlueprints() {
return this.to('ListEnvironmentBlueprints');
}
/**
* Grants permission to list Domain for Environment Profiles
*
* Access Level: List
*/
toListEnvironmentProfiles() {
return this.to('ListEnvironmentProfiles');
}
/**
* Grants permission to show Environments in the Domain
*
* Access Level: List
*/
toListEnvironments() {
return this.to('ListEnvironments');
}
/**
* Grants permission to list all the DataZone group profiles that the DataZone user profile is a member of
*
* Access Level: List
*/
toListGroupsForUser() {
return this.to('ListGroupsForUser');
}
/**
* Grants permission to list job runs
*
* Access Level: List
*/
toListJobRuns() {
return this.to('ListJobRuns');
}
/**
* Grants permission to list lineage events
*
* Access Level: List
*/
toListLineageEvents() {
return this.to('ListLineageEvents');
}
/**
* Grants permission to list historical versions of lineage node
*
* Access Level: List
*/
toListLineageNodeHistory() {
return this.to('ListLineageNodeHistory');
}
/**
* Grants permission to list linked type items linked to an Amazon DataZone Domain
*
* Access Level: List
*/
toListLinkedTypes() {
return this.to('ListLinkedTypes');
}
/**
* Grants permission to list metadata generation runs
*
* Access Level: List
*/
toListMetadataGenerationRuns() {
return this.to('ListMetadataGenerationRuns');
}
/**
* Grants permission to list notebooks
*
* Access Level: List
*/
toListNotebooks() {
return this.to('ListNotebooks');
}
/**
* Grants permission to list notifications and events for a datazone user
*
* Access Level: List
*/
toListNotifications() {
return this.to('ListNotifications');
}
/**
* Grants permission to list policy grants
*
* Access Level: List
*/
toListPolicyGrants() {
return this.to('ListPolicyGrants');
}
/**
* Grants permission to list Project Members
*
* Access Level: List
*/
toListProjectMemberships() {
return this.to('ListProjectMemberships');
}
/**
* Grants permission to list project profiles
*
* Access Level: List
*/
toListProjectProfiles() {
return this.to('ListProjectProfiles');
}
/**
* Grants permission to list Projects
*
* Access Level: List
*/
toListProjects() {
return this.to('ListProjects');
}
/**
* Grants permission to list rules
*
* Access Level: List
*/
toListRules() {
return this.to('ListRules');
}
/**
* Grants permission to List subscription grants for a subscribed principal
*
* Access Level: List
*/
toListSubscriptionGrants() {
return this.to('ListSubscriptionGrants');
}
/**
* Grants permission to list subscription requests
*
* Access Level: List
*/
toListSubscriptionRequests() {
return this.to('ListSubscriptionRequests');
}
/**
* Grants permission to list subscription targets
*
* Access Level: List
*/
toListSubscriptionTargets() {
return this.to('ListSubscriptionTargets');
}
/**
* Grants permission to list subscriptions
*
* Access Level: List
*/
toListSubscriptions() {
return this.to('ListSubscriptions');
}
/**
* Grants permission to retrieve all tags associated with a resource
*
* Access Level: Read
*/
toListTagsForResource() {
return this.to('ListTagsForResource');
}
/**
* Grants permission to list existing TimeSeriesDataPoints
*
* Access Level: List
*/
toListTimeSeriesDataPoints() {
return this.to('ListTimeSeriesDataPoints');
}
/**
* Grants permission to list available Manager Secrets
*
* Access Level: List
*/
toListWarehouseMetadata() {
return this.to('ListWarehouseMetadata');
}
/**
* Grants permission to post lineage events
*
* Access Level: Write
*/
toPostLineageEvent() {
return this.to('PostLineageEvent');
}
/**
* Grants permission to post a new TimeSeriesDataPoints
*
* Access Level: Write
*/
toPostTimeSeriesDataPoints() {
return this.to('PostTimeSeriesDataPoints');
}
/**
* Grants permission to provision domain with default project setup
*
* Access Level: Write
*/
toProvisionDomain() {
return this.to('ProvisionDomain');
}
/**
* Grants permission to put cell run results
*
* Access Level: Write
*/
toPutCellRunResult() {
return this.to('PutCellRunResult');
}
/**
* Grants permission to create and update DataZone catalog data export configuration
*
* Access Level: Write
*/
toPutDataExportConfiguration() {
return this.to('PutDataExportConfiguration');
}
/**
* Grants permission to add a resource policy for a DataZone Domain
*
* Access Level: Permissions management
*/
toPutDomainSharingPolicy() {
return this.to('PutDomainSharingPolicy');
}
/**
* Grants permission to put environment blueprint configuration
*
* Access Level: Write
*/
toPutEnvironmentBlueprintConfiguration() {
return this.to('PutEnvironmentBlueprintConfiguration');
}
/**
* Grants permission to query graph
*
* Access Level: List
*/
toQueryGraph() {
return this.to('QueryGraph');
}
/**
* Grants permission to refresh token
*
* Access Level: Write
*/
toRefreshToken() {
return this.to('RefreshToken');
}
/**
* Grants permission to reject prediction
*
* Access Level: Write
*/
toRejectPredictions() {
return this.to('RejectPredictions');
}
/**
* Grants permission to reject a subscription request for a Data Asset
*
* Access Level: Write
*/
toRejectSubscriptionRequest() {
return this.to('RejectSubscriptionRequest');
}
/**
* Grants permission to remove an existing owner of an entity like domain unit
*
* Access Level: Write
*/
toRemoveEntityOwner() {
return this.to('RemoveEntityOwner');
}
/**
* Grants permission to remove a policy grant
*
* Access Level: Permissions management
*/
toRemovePolicyGrant() {
return this.to('RemovePolicyGrant');
}
/**
* Grants permission to revoke a subscription
*
* Access Level: Permissions management
*/
toRevokeSubscription() {
return this.to('RevokeSubscription');
}
/**
* Grants permission to search datazone entities
*
* Access Level: List
*/
toSearch() {
return this.to('Search');
}
/**
* Grants permission to search DataZone group profiles and IAM Identity Center groups
*
* Access Level: List
*/
toSearchGroupProfiles() {
return this.to('SearchGroupProfiles');
}
/**
* Grants permission to search listings
*
* Access Level: List
*/
toSearchListings() {
return this.to('SearchListings');
}
/**
* Grants permission to search rules
*
* Access Level: List
*/
toSearchRules() {
return this.to('SearchRules');
}
/**
* Grants permission to search types such asset types and form types in a domain
*
* Access Level: List
*/
toSearchTypes() {
return this.to('SearchTypes');
}
/**
* Grants permission to search DataZone user profiles, IAM Identity Center users, and DataZone IAM principal profiles
*
* Access Level: List
*/
toSearchUserProfiles() {
return this.to('SearchUserProfiles');
}
/**
* Grants permission to send messages
*
* Access Level: Write
*/
toSendMessage() {
return this.to('SendMessage');
}
/**
* Grants permission to login using SSO
*
* Access Level: Write
*/
toSsoLogin() {
return this.to('SsoLogin');
}
/**
* Grants permission to logout as SSO user
*
* Access Level: Write
*/
toSsoLogout() {
return this.to('SsoLogout');
}
/**
* Grants permission to start account bootstrap action for a domain
*
* Access Level: Write
*/
toStartAccountBootstrapAction() {
return this.to('StartAccountBootstrapAction');
}
/**
* Grants permission to start conversations
*
* Access Level: Write
*/
toStartConversation() {
return this.to('StartConversation');
}
/**
* Grants permission to start a DataSource run job
*
* Access Level: Write
*/
toStartDataSourceRun() {
return this.to('StartDataSourceRun');
}
/**
* Grants permission to start metadata generation run
*
* Access Level: Write
*/
toStartMetadataGenerationRun() {
return this.to('StartMetadataGenerationRun');
}
/**
* Grants permission to start notebook compute
*
* Access Level: Write
*/
toStartNotebookCompute() {
return this.to('StartNotebookCompute');
}
/**
* Grants permission to export notebooks
*
* Access Level: Write
*/
toStartNotebookExport() {
return this.to('StartNotebookExport');
}
/**
* Grants permission to import notebooks
*
* Access Level: Write
*/
toStartNotebookImport() {
return this.to('StartNotebookImport');
}
/**
* Grants permission to stop metadata generation run
*
* Access Level: Write
*/
toStopMetadataGenerationRun() {
return this.to('StopMetadataGenerationRun');
}
/**
* Grants permission to stop notebook compute
*
* Access Level: Write
*/
toStopNotebookCompute() {
return this.to('StopNotebookCompute');
}
/**
* Grants permission to add or update tags to a resource
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*/
toTagResource() {
return this.to('TagResource');
}
/**
* Grants permission to remove tags associated with a resource
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAwsTagKeys()
*/
toUntagResource() {
return this.to('UntagResource');
}
/**
* Grants permission to update an account pool
*
* Access Level: Write
*/
toUpdateAccountPool() {
return this.to('UpdateAccountPool');
}
/**
* Grants permission to update asset filter
*
* Access Level: Write
*/
toUpdateAssetFilter() {
return this.to('UpdateAssetFilter');
}
/**
* Grants permission to update cells
*
* Access Level: Write
*/
toUpdateCell() {
return this.to('UpdateCell');
}
/**
* Grants permission to update cell runs
*
* Access Level: Write
*/
toUpdateCellRun() {
return this.to('UpdateCellRun');
}
/**
* Grants permission to update connections
*
* Access Level: Write
*/
toUpdateConnection() {
return this.to('UpdateConnection');
}
/**
* Grants permission to update existing DataSource
*
* Access Level: Write
*/
toUpdateDataSource() {
return this.to('UpdateDataSource');
}
/**
* Grants permission to update data source run activities
*
* Access Level: Write
*/
toUpdateDataSourceRunActivities() {
return this.to('UpdateDataSourceRunActivities');
}
/**
* Grants permission to update information for a domain
*
* Access Level: Write
*/
toUpdateDomain() {
return this.to('UpdateDomain');
}
/**
* Grants permission to update an existing domain unit
*
* Access Level: Write
*/
toUpdateDomainUnit() {
return this.to('UpdateDomainUnit');
}
/**
* Grants permission to update Environment settings
*
* Access Level: Write
*/
toUpdateEnvironment() {
return this.to('UpdateEnvironment');
}
/**
* Grants permission to update an environment action in a default service blueprint environment
*
* Access Level: Write
*/
toUpdateEnvironmentAction() {
return this.to('UpdateEnvironmentAction');
}
/**
* Grants permission to update Environment Blueprint settings
*
* Access Level: Write
*/
toUpdateEnvironmentBlueprint() {
return this.to('UpdateEnvironmentBlueprint');
}
/**
* Grants permission to update environment configuration
*
* Access Level: Write
*/
toUpdateEnvironmentConfiguration() {
return this.to('UpdateEnvironmentConfiguration');
}
/**
* Grants permission to update status of the Environment deployment
*
* Access Level: Write
*/
toUpdateEnvironmentDeploymentStatus() {
return this.to('UpdateEnvironmentDeploymentStatus');
}
/**
* Grants permission to update EnvironmentProfile configuration
*
* Access Level: Write
*/
toUpdateEnvironmentProfile() {
return this.to('UpdateEnvironmentProfile');
}
/**
* Grants permission to update a business glossary
*
* Access Level: Write
*/
toUpdateGlossary() {
return this.to('UpdateGlossary');
}
/**
* Grants permission to update a glossary term
*
* Access Level: Write
*/
toUpdateGlossaryTerm() {
return this.to('UpdateGlossaryTerm');
}
/**
* Grants permission to update a DataZone group profile
*
* Access Level: Write
*/
toUpdateGroupProfile() {
return this.to('UpdateGroupProfile');
}
/**
* Grants permission to update notebooks
*
* Access Level: Write
*/
toUpdateNotebook() {
return this.to('UpdateNotebook');
}
/**
* Grants permission to update a Project that enables your team to publish and subscribe to data
*
* Access Level: Write
*/
toUpdateProject() {
return this.to('UpdateProject');
}
/**
* Grants permission to update a project profile
*
* Access Level: Write
*/
toUpdateProjectProfile() {
return this.to('UpdateProjectProfile');
}
/**
* Grants permission to update rule
*
* Access Level: Write
*/
toUpdateRule() {
return this.to('UpdateRule');
}
/**
* Grants permission to update a subscription grant status for custom grants
*
* Access Level: Write
*/
toUpdateSubscriptionGrantStatus() {
return this.to('UpdateSubscriptionGrantStatus');
}
/**
* Grants permission to update business reason for subscription request for a Data Asset
*
* Access Level: Write
*/
toUpdateSubscriptionRequest() {
return this.to('UpdateSubscriptionRequest');
}
/**
* Grants permission to update a subscription target
*
* Access Level: Write
*/
toUpdateSubscriptionTarget() {
return this.to('UpdateSubscriptionTarget');
}
/**
* Grants permission to update a DataZone user profile
*
* Access Level: Write
*/
toUpdateUserProfile() {
return this.to('UpdateUserProfile');
}
/**
* Grants permission to validate pass role
*
* Access Level: Write
*/
toValidatePassRole() {
return this.to('ValidatePassRole');
}
/**
* Adds a resource of type domain to the statement
*
* https://docs.aws.amazon.com/datazone/latest/userguide/create-domain.html
*
* @param domainId - Identifier for the domainId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onDomain(domainId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:datazone:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:domain/${domainId}`);
}
/**
* Filters access by the tags that are passed in the request
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag
*
* Applies to actions:
* - .toCreateDomain()
* - .toTagResource()
*
* @param tagKey The tag key to check
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsRequestTag(tagKey, value, operator) {
return this.if(`aws:RequestTag/${tagKey}`, value, operator ?? 'StringLike');
}
/**
* Filters access by the tags associated with the resource
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag
*
* Applies to resource types:
* - domain
*
* @param tagKey The tag key to check
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsResourceTag(tagKey, value, operator) {
return this.if(`aws:ResourceTag/${tagKey}`, value, operator ?? 'StringLike');
}
/**
* Filters access by the tag keys that are passed in the request
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys
*
* Applies to actions:
* - .toCreateDomain()
* - .toTagResource()
* - .toUntagResource()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsTagKeys(value, operator) {
return this.if(`aws:TagKeys`, value, operator ?? 'StringLike');
}
/**
* Filters access by the domain ID passed in the request
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#amazondatazone-policy-keys
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifDomainId(value, operator) {
return this.if(`domainId`, value, operator ?? 'StringLike');
}
/**
* Filters access by the project ID passed in the request
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#amazondatazone-policy-keys
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifProjectId(value, operator) {
return this.if(`projectId`, value, operator ?? 'StringLike');
}
/**
* Filters access by the user ID passed in the request
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#amazondatazone-policy-keys
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifUserId(value, operator) {
return this.if(`userId`, value, operator ?? 'StringLike');
}
/**
* Statement provider for s