cdk-iam-floyd

import { AccessLevelList } from '../../shared/access-level'; import { PolicyStatement, Operator } from '../../shared'; import { aws_iam as iam } from "aws-cdk-lib"; /** * Statement provider for service [elasticloadbalancing-v2](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselasticloadbalancingv2.html). * * @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement */ export declare class ElasticloadbalancingV2 extends PolicyStatement { servicePrefix: string; /** * Grants permission to add the specified certificates to the specified secure listener * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_AddListenerCertificates.html */ toAddListenerCertificates(): this; /** * Grants permission to add the specified tags to the specified load balancer. Each load balancer can have a maximum of 10 tags * * Access Level: Tagging * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * - .ifAwsResourceTag() * - .ifResourceTag() * - .ifCreateAction() * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_AddTags.html */ toAddTags(): this; /** * Grants permission to add revocations to a trust store * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_AddTrustStoreRevocations.html */ toAddTrustStoreRevocations(): this; /** * Grants permission to configure vended log delivery for load balancers * * Access Level: Permissions management * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_AllowVendedLogDeliveryForResource.html */ toAllowVendedLogDeliveryForResource(): this; /** * Grants permission to create a listener for the specified Application Load Balancer * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * - .ifAwsResourceTag() * - .ifResourceTag() * - .ifSecurityPolicy() * - .ifListenerProtocol() * * Dependent actions: * - elasticloadbalancing:AddTags * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_CreateListener.html */ toCreateListener(): this; /** * Grants permission to create a load balancer * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * - .ifAwsResourceTag() * - .ifResourceTag() * - .ifSecurityGroup() * - .ifSubnet() * - .ifScheme() * * Dependent actions: * - elasticloadbalancing:AddTags * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_CreateLoadBalancer.html */ toCreateLoadBalancer(): this; /** * Grants permission to create a rule for the specified listener * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * - .ifAwsResourceTag() * - .ifResourceTag() * * Dependent actions: * - elasticloadbalancing:AddTags * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_CreateRule.html */ toCreateRule(): this; /** * Grants permission to create a target group * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * - .ifAwsResourceTag() * - .ifResourceTag() * * Dependent actions: * - elasticloadbalancing:AddTags * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_CreateTargetGroup.html */ toCreateTargetGroup(): this; /** * Grants permission to create a trust store * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * - .ifAwsResourceTag() * - .ifResourceTag() * * Dependent actions: * - elasticloadbalancing:AddTags * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_CreateTrustStore.html */ toCreateTrustStore(): this; /** * Grants permission to associate WAF WebACL to the specified load balancer * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() * * https://docs.aws.amazon.com/waf/latest/developerguide/security_iam_service-with-iam.html#security_iam_action-AssociateWebACL */ toCreateWebACLAssociation(): this; /** * Grants permission to delete the specified listener * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DeleteListener.html */ toDeleteListener(): this; /** * Grants permission to delete the specified load balancer * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DeleteLoadBalancer.html */ toDeleteLoadBalancer(): this; /** * Grants permission to delete the specified rule * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DeleteRule.html */ toDeleteRule(): this; /** * Grants permission to delete the specified shared trust store association * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DeleteSharedTrustStoreAssociation.html */ toDeleteSharedTrustStoreAssociation(): this; /** * Grants permission to delete the specified target group * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DeleteTargetGroup.html */ toDeleteTargetGroup(): this; /** * Grants permission to delete the specified trust store * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DeleteTrustStore.html */ toDeleteTrustStore(): this; /** * Grants permission to disassociate WAF WebACL from the specified load balancer * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() * * https://docs.aws.amazon.com/waf/latest/developerguide/security_iam_service-with-iam.html#security_iam_action-AssociateWebACL */ toDeleteWebACLAssociation(): this; /** * Grants permission to deregister the specified targets from the specified target group * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DeregisterTargets.html */ toDeregisterTargets(): this; /** * Grants permission to describe the Elastic Load Balancing resource limits for the AWS account * * Access Level: Read * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeAccountLimits.html */ toDescribeAccountLimits(): this; /** * Grants permission to describe the capacity reservation for a load balancer * * Access Level: Read * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeCapacityReservation.html */ toDescribeCapacityReservation(): this; /** * Grants permission to describe the attributes for the specified listener * * Access Level: Read * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeListenerAttributes.html */ toDescribeListenerAttributes(): this; /** * Grants permission to describe the certificates for the specified secure listener * * Access Level: Read * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeListenerCertificates.html */ toDescribeListenerCertificates(): this; /** * Grants permission to describe the specified listeners or the listeners for the specified Application Load Balancer * * Access Level: Read * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeListeners.html */ toDescribeListeners(): this; /** * Grants permission to describe the attributes for the specified load balancer * * Access Level: Read * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancerAttributes.html */ toDescribeLoadBalancerAttributes(): this; /** * Grants permission to describe the specified the load balancers. If no load balancers are specified, the call describes all of your load balancers * * Access Level: List * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html */ toDescribeLoadBalancers(): this; /** * Grants permission to describe the specified rules or the rules for the specified listener * * Access Level: Read * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeRules.html */ toDescribeRules(): this; /** * Grants permission to describe the specified policies or all policies used for SSL negotiation * * Access Level: Read * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeSSLPolicies.html */ toDescribeSSLPolicies(): this; /** * Grants permission to describe the tags associated with the specified resource * * Access Level: Read * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTags.html */ toDescribeTags(): this; /** * Grants permission to describe the attributes for the specified target group * * Access Level: Read * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetGroupAttributes.html */ toDescribeTargetGroupAttributes(): this; /** * Grants permission to describe the specified target groups or all of your target groups * * Access Level: Read * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetGroups.html */ toDescribeTargetGroups(): this; /** * Grants permission to describe the health of the specified targets or all of your targets * * Access Level: Read * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetHealth.html */ toDescribeTargetHealth(): this; /** * Grants permission to describe the associations with a trust store * * Access Level: Read * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTrustStoreAssociations.html */ toDescribeTrustStoreAssociations(): this; /** * Grants permission to describe the specified trust stores revocations or all of your revocations related to a trust store * * Access Level: Read * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTrustStoreRevocations.html */ toDescribeTrustStoreRevocations(): this; /** * Grants permission to describe the specified trust stores or all of your trust stores * * Access Level: Read * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTrustStores.html */ toDescribeTrustStores(): this; /** * Grants permission to describe all load balancers associated to a WAF WebACL in your account * * Access Level: List * * https://docs.aws.amazon.com/waf/latest/developerguide/security_iam_service-with-iam.html#security_iam_action-AssociateWebACL */ toDescribeWebACLAssociation(): this; /** * Grants permission to retrieve the WAF WebACL associated to the specified load balancer * * Access Level: Read * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() * * https://docs.aws.amazon.com/waf/latest/developerguide/security_iam_service-with-iam.html#security_iam_action-AssociateWebACL */ toGetLoadBalancerWebACL(): this; /** * Grants permission to retrieve the resource policy associated with the resource * * Access Level: Read * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_GetResourcePolicy.html */ toGetResourcePolicy(): this; /** * Grants permission to retrieve a trust store CA certificates bundle * * Access Level: Read * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_GetTrustStoreCaCertificatesBundle.html */ toGetTrustStoreCaCertificatesBundle(): this; /** * Grants permission to retrieve a trust store revocation content * * Access Level: Read * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_GetTrustStoreRevocationContent.html */ toGetTrustStoreRevocationContent(): this; /** * Grants permission to modify the capacity reservation for a load balancer * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_ModifyCapacityReservation.html */ toModifyCapacityReservation(): this; /** * Grants permission to modify the ip pools for a load balancer * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_ModifyIpPools.html */ toModifyIpPools(): this; /** * Grants permission to modify the specified properties of the specified listener * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() * - .ifSecurityPolicy() * - .ifListenerProtocol() * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_ModifyListener.html */ toModifyListener(): this; /** * Grants permission to modify the attributes of the specified listener * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_ModifyListenerAttributes.html */ toModifyListenerAttributes(): this; /** * Grants permission to modify the attributes of the specified load balancer * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_ModifyLoadBalancerAttributes.html */ toModifyLoadBalancerAttributes(): this; /** * Grants permission to modify the specified rule * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_ModifyRule.html */ toModifyRule(): this; /** * Grants permission to modify the health checks used when evaluating the health state of the targets in the specified target group * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_ModifyTargetGroup.html */ toModifyTargetGroup(): this; /** * Grants permission to modify the specified attributes of the specified target group * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_ModifyTargetGroupAttributes.html */ toModifyTargetGroupAttributes(): this; /** * Grants permission to modify the specified trust store * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_ModifyTrustStore.html */ toModifyTrustStore(): this; /** * Grants permission to register the specified targets with the specified target group * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_RegisterTargets.html */ toRegisterTargets(): this; /** * Grants permission to remove the specified certificates of the specified secure listener * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_RemoveListenerCertificates.html */ toRemoveListenerCertificates(): this; /** * Grants permission to remove one or more tags from the specified load balancer * * Access Level: Tagging * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * - .ifAwsResourceTag() * - .ifResourceTag() * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_RemoveTags.html */ toRemoveTags(): this; /** * Grants permission to remove revocations from a trust store * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_RemoveTrustStoreRevocations.html */ toRemoveTrustStoreRevocations(): this; /** * Grants permission to set the type of IP addresses used by the subnets of the specified load balancer * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_SetIpAddressType.html */ toSetIpAddressType(): this; /** * Grants permission to set the priorities of the specified rules * * Access Level: Write * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_SetRulePriorities.html */ toSetRulePriorities(): this; /** * Grants permission to associate the specified security groups with the specified load balancer * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() * - .ifSecurityGroup() * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_SetSecurityGroups.html */ toSetSecurityGroups(): this; /** * Grants permission to enable the Availability Zone for the specified subnets for the specified load balancer * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() * - .ifSubnet() * * https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_SetSubnets.html */ toSetSubnets(): this; /** * Grants permission to give WebAcl permission to WAF * * Access Level: Write * * https://docs.aws.amazon.com/waf/latest/developerguide/security_iam_service-with-iam.html#security_iam_action-AssociateWebACL */ toSetWebAcl(): this; protected accessLevelList: AccessLevelList; /** * Adds a resource of type listener/gwy to the statement * * https://docs.aws.amazon.com/elasticloadbalancing/latest/gateway/gateway-listeners.html * * @param loadBalancerName - Identifier for the loadBalancerName. * @param loadBalancerId - Identifier for the loadBalancerId. * @param listenerId - Identifier for the listenerId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() */ onListenerGwy(loadBalancerName: string, loadBalancerId: string, listenerId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type listener/app to the statement * * https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html * * @param loadBalancerName - Identifier for the loadBalancerName. * @param loadBalancerId - Identifier for the loadBalancerId. * @param listenerId - Identifier for the listenerId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() */ onListenerApp(loadBalancerName: string, loadBalancerId: string, listenerId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type listener-rule/app to the statement * * https://docs.aws.amazon.com/elasticloadbalancing/latest/application/listener-update-rules.html * * @param loadBalancerName - Identifier for the loadBalancerName. * @param loadBalancerId - Identifier for the loadBalancerId. * @param listenerId - Identifier for the listenerId. * @param listenerRuleId - Identifier for the listenerRuleId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() */ onListenerRuleApp(loadBalancerName: string, loadBalancerId: string, listenerId: string, listenerRuleId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type listener/net to the statement * * https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html * * @param loadBalancerName - Identifier for the loadBalancerName. * @param loadBalancerId - Identifier for the loadBalancerId. * @param listenerId - Identifier for the listenerId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() */ onListenerNet(loadBalancerName: string, loadBalancerId: string, listenerId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type listener-rule/net to the statement * * https://docs.aws.amazon.com/elasticloadbalancing/latest/application/listener-update-rules.html * * @param loadBalancerName - Identifier for the loadBalancerName. * @param loadBalancerId - Identifier for the loadBalancerId. * @param listenerId - Identifier for the listenerId. * @param listenerRuleId - Identifier for the listenerRuleId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() */ onListenerRuleNet(loadBalancerName: string, loadBalancerId: string, listenerId: string, listenerRuleId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type loadbalancer/gwy/ to the statement * * https://docs.aws.amazon.com/elasticloadbalancing/latest/gateway/gateway-load-balancers.html * * @param loadBalancerName - Identifier for the loadBalancerName. * @param loadBalancerId - Identifier for the loadBalancerId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() */ onLoadbalancerGwy(loadBalancerName: string, loadBalancerId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type loadbalancer/app/ to the statement * * https://docs.aws.amazon.com/elasticloadbalancing/latest/application/introduction.html#application-load-balancer-overview * * @param loadBalancerName - Identifier for the loadBalancerName. * @param loadBalancerId - Identifier for the loadBalancerId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() */ onLoadbalancerApp(loadBalancerName: string, loadBalancerId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type loadbalancer/net/ to the statement * * https://docs.aws.amazon.com/elasticloadbalancing/latest/network/introduction.html#network-load-balancer-overview * * @param loadBalancerName - Identifier for the loadBalancerName. * @param loadBalancerId - Identifier for the loadBalancerId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() */ onLoadbalancerNet(loadBalancerName: string, loadBalancerId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type targetgroup to the statement * * https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html * * @param targetGroupName - Identifier for the targetGroupName. * @param targetGroupId - Identifier for the targetGroupId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() */ onTargetgroup(targetGroupName: string, targetGroupId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type truststore to the statement * * https://docs.aws.amazon.com/elasticloadbalancing/latest/application/trust-store.html * * @param trustStoreName - Identifier for the trustStoreName. * @param trustStoreId - Identifier for the trustStoreId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() * - .ifResourceTag() */ onTruststore(trustStoreName: string, trustStoreId: string, account?: string, region?: string, partition?: string): this; /** * Filters access by a tag key and value pair that is allowed in the request * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag * * Applies to actions: * - .toAddTags() * - .toCreateListener() * - .toCreateLoadBalancer() * - .toCreateRule() * - .toCreateTargetGroup() * - .toCreateTrustStore() * - .toRemoveTags() * * @param tagKey The tag key to check * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsRequestTag(tagKey: string, value: string | string[], operator?: Operator | string): this; /** * Filters access by a tag key and value pair of a resource * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag * * Applies to actions: * - .toAddListenerCertificates() * - .toAddTags() * - .toAddTrustStoreRevocations() * - .toCreateListener() * - .toCreateLoadBalancer() * - .toCreateRule() * - .toCreateTargetGroup() * - .toCreateTrustStore() * - .toCreateWebACLAssociation() * - .toDeleteListener() * - .toDeleteLoadBalancer() * - .toDeleteRule() * - .toDeleteSharedTrustStoreAssociation() * - .toDeleteTargetGroup() * - .toDeleteTrustStore() * - .toDeleteWebACLAssociation() * - .toDeregisterTargets() * - .toGetLoadBalancerWebACL() * - .toGetResourcePolicy() * - .toGetTrustStoreCaCertificatesBundle() * - .toGetTrustStoreRevocationContent() * - .toModifyCapacityReservation() * - .toModifyIpPools() * - .toModifyListener() * - .toModifyListenerAttributes() * - .toModifyLoadBalancerAttributes() * - .toModifyRule() * - .toModifyTargetGroup() * - .toModifyTargetGroupAttributes() * - .toModifyTrustStore() * - .toRegisterTargets() * - .toRemoveListenerCertificates() * - .toRemoveTags() * - .toRemoveTrustStoreRevocations() * - .toSetIpAddressType() * - .toSetSecurityGroups() * - .toSetSubnets() * * Applies to resource types: * - listener/gwy * - listener/app * - listener-rule/app * - listener/net * - listener-rule/net * - loadbalancer/gwy/ * - loadbalancer/app/ * - loadbalancer/net/ * - targetgroup * - truststore * * @param tagKey The tag key to check * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsResourceTag(tagKey: string, value: string | string[], operator?: Operator | string): this; /** * Filters access by a list of tag keys that are allowed in the request * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys * * Applies to actions: * - .toAddTags() * - .toCreateListener() * - .toCreateLoadBalancer() * - .toCreateRule() * - .toCreateTargetGroup() * - .toCreateTrustStore() * - .toRemoveTags() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsTagKeys(value: string | string[], operator?: Operator | string): this; /** * Filters access by the name of a resource-creating API action * * https://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/tagging-resources-during-creation.html * * Applies to actions: * - .toAddTags() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifCreateAction(value: string | string[], operator?: Operator | string): this; /** * Filters access by the listener protocol that is allowed in the request * * https://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/security_iam_service-with-iam.html#listenerprotocol-condition * * Applies to actions: * - .toCreateListener() * - .toModifyListener() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifListenerProtocol(value: string | string[], operator?: Operator | string): this; /** * Filters access by the preface string for a tag key and value pair that are attached to a resource * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag * * Applies to actions: * - .toAddListenerCertificates() * - .toAddTags() * - .toAddTrustStoreRevocations() * - .toCreateListener() * - .toCreateLoadBalancer() * - .toCreateRule() * - .toCreateTargetGroup() * - .toCreateTrustStore() * - .toCreateWebACLAssociation() * - .toDeleteListener() * - .toDeleteLoadBalancer() * - .toDeleteRule() * - .toDeleteSharedTrustStoreAssociation() * - .toDeleteTargetGroup() * - .toDeleteTrustStore() * - .toDeleteWebACLAssociation() * - .toDeregisterTargets() * - .toGetLoadBalancerWebACL() * - .toGetResourcePolicy() * - .toGetTrustStoreCaCertificatesBundle() * - .toGetTrustStoreRevocationContent() * - .toModifyCapacityReservation() * - .toModifyIpPools() * - .toModifyListener() * - .toModifyListenerAttributes() * - .toModifyLoadBalancerAttributes() * - .toModifyRule() * - .toModifyTargetGroup() * - .toModifyTargetGroupAttributes() * - .toModifyTrustStore() * - .toRegisterTargets() * - .toRemoveListenerCertificates() * - .toRemoveTags() * - .toRemoveTrustStoreRevocations() * - .toSetIpAddressType() * - .toSetSecurityGroups() * - .toSetSubnets() * * Applies to resource types: * - listener/gwy * - listener/app * - listener-rule/app * - listener/net * - listener-rule/net * - loadbalancer/gwy/ * - loadbalancer/app/ * - loadbalancer/net/ * - targetgroup * - truststore * * @param tagKey The tag key to check * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifResourceTag(tagKey: string, value: string | string[], operator?: Operator | string): this; /** * Filters access by the load balancer scheme that is allowed in the request * * https://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/security_iam_service-with-iam.html#scheme-condition * * Applies to actions: * - .toCreateLoadBalancer() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifScheme(value: string | string[], operator?: Operator | string): this; /** * Filters access by the security-group IDs that are allowed in the request * * https://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/security_iam_service-with-iam.html#securitygroup-condition * * Applies to actions: * - .toCreateLoadBalancer() * - .toSetSecurityGroups() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifSecurityGroup(value: string | string[], operator?: Operator | string): this; /** * Filters access by the SSL Security Policies that are allowed in the request * * https://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/security_iam_service-with-iam.html#securitypolicy-condition * * Applies to actions: * - .toCreateListener() * - .toModifyListener() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifSecurityPolicy(value: string | string[], operator?: Operator | string): this; /** * Filters access by the subnet IDs that are allowed in the request * * https://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/security_iam_service-with-iam.html#subnet-condition * * Applies to actions: * - .toCreateLoadBalancer() * - .toSetSubnets() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifSubnet(value: string | string[], operator?: Operator | string): this; /** * Statement provider for service [elasticloadbalancing-v2](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselasticloadbalancingv2.html). * */ constructor(props?: iam.PolicyStatementProps); }