cdk-iam-floyd
Version:
AWS IAM policy statement generator with fluent interface for AWS CDK
1,284 lines • 121 kB
JavaScript
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.Guardduty = void 0;
const shared_1 = require("../../shared");
/**
* Statement provider for service [guardduty](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonguardduty.html).
*
* @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement
*/
class Guardduty extends shared_1.PolicyStatement {
/**
* Grants permission to accept invitations to become a GuardDuty member account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_AcceptAdministratorInvitation.html
*/
toAcceptAdministratorInvitation() {
return this.to('AcceptAdministratorInvitation');
}
/**
* Grants permission to accept invitations to become a GuardDuty member account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_AcceptInvitation.html
*/
toAcceptInvitation() {
return this.to('AcceptInvitation');
}
/**
* Grants permission to archive GuardDuty findings
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ArchiveFindings.html
*/
toArchiveFindings() {
return this.to('ArchiveFindings');
}
/**
* Grants permission to create a detector
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsResourceTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateDetector.html
*/
toCreateDetector() {
return this.to('CreateDetector');
}
/**
* Grants permission to create GuardDuty filters. A filters defines finding attributes and conditions used to filter findings
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateFilter.html
*/
toCreateFilter() {
return this.to('CreateFilter');
}
/**
* Grants permission to create an IPSet
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsResourceTag()
* - .ifAwsTagKeys()
*
* Dependent actions:
* - iam:DeleteRolePolicy
* - iam:PutRolePolicy
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateIPSet.html
*/
toCreateIPSet() {
return this.to('CreateIPSet');
}
/**
* Grants permission to create a new Malware Protection plan
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsResourceTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateMalwareProtectionPlan.html
*/
toCreateMalwareProtectionPlan() {
return this.to('CreateMalwareProtectionPlan');
}
/**
* Grants permission to create GuardDuty member accounts, where the account used to create a member becomes the GuardDuty administrator account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateMembers.html
*/
toCreateMembers() {
return this.to('CreateMembers');
}
/**
* Grants permission to create a publishing destination
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsResourceTag()
* - .ifAwsTagKeys()
*
* Dependent actions:
* - s3:GetObject
* - s3:ListBucket
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreatePublishingDestination.html
*/
toCreatePublishingDestination() {
return this.to('CreatePublishingDestination');
}
/**
* Grants permission to create sample findings
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateSampleFindings.html
*/
toCreateSampleFindings() {
return this.to('CreateSampleFindings');
}
/**
* Grants permission to create GuardDuty ThreatEntitySets, where a ThreatEntitySet consists of known malicious IP addresses and/or domains used by GuardDuty to generate findings
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* Dependent actions:
* - s3:GetObject
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateThreatEntitySet.html
*/
toCreateThreatEntitySet() {
return this.to('CreateThreatEntitySet');
}
/**
* Grants permission to create GuardDuty ThreatIntelSets, where a ThreatIntelSet consists of known malicious IP addresses used by GuardDuty to generate findings
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateThreatIntelSet.html
*/
toCreateThreatIntelSet() {
return this.to('CreateThreatIntelSet');
}
/**
* Grants permission to create a TrustedEntitySet
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsResourceTag()
* - .ifAwsTagKeys()
*
* Dependent actions:
* - s3:GetObject
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateTrustedEntitySet.html
*/
toCreateTrustedEntitySet() {
return this.to('CreateTrustedEntitySet');
}
/**
* Grants permission to decline invitations to become a GuardDuty member account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeclineInvitations.html
*/
toDeclineInvitations() {
return this.to('DeclineInvitations');
}
/**
* Grants permission to delete GuardDuty detectors
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteDetector.html
*/
toDeleteDetector() {
return this.to('DeleteDetector');
}
/**
* Grants permission to delete GuardDuty filters
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteFilter.html
*/
toDeleteFilter() {
return this.to('DeleteFilter');
}
/**
* Grants permission to delete GuardDuty IPSets
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteIPSet.html
*/
toDeleteIPSet() {
return this.to('DeleteIPSet');
}
/**
* Grants permission to delete invitations to become a GuardDuty member account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteInvitations.html
*/
toDeleteInvitations() {
return this.to('DeleteInvitations');
}
/**
* Grants permission to delete a Malware Protection plan
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMalwareProtectionPlan.html
*/
toDeleteMalwareProtectionPlan() {
return this.to('DeleteMalwareProtectionPlan');
}
/**
* Grants permission to delete GuardDuty member accounts
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMembers.html
*/
toDeleteMembers() {
return this.to('DeleteMembers');
}
/**
* Grants permission to delete a publishing destination
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeletePublishingDestination.html
*/
toDeletePublishingDestination() {
return this.to('DeletePublishingDestination');
}
/**
* Grants permission to delete GuardDuty ThreatEntitySets
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteThreatEntitySet.html
*/
toDeleteThreatEntitySet() {
return this.to('DeleteThreatEntitySet');
}
/**
* Grants permission to delete GuardDuty ThreatIntelSets
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteThreatIntelSet.html
*/
toDeleteThreatIntelSet() {
return this.to('DeleteThreatIntelSet');
}
/**
* Grants permission to delete GuardDuty TrustedEntitySets
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteTrustedEntitySet.html
*/
toDeleteTrustedEntitySet() {
return this.to('DeleteTrustedEntitySet');
}
/**
* Grants permission to retrieve details about malware scans
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DescribeMalwareScans.html
*/
toDescribeMalwareScans() {
return this.to('DescribeMalwareScans');
}
/**
* Grants permission to retrieve details about the delegated administrator associated with a GuardDuty detector
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DescribeOrganizationConfiguration.html
*/
toDescribeOrganizationConfiguration() {
return this.to('DescribeOrganizationConfiguration');
}
/**
* Grants permission to retrieve details about a publishing destination
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DescribePublishingDestination.html
*/
toDescribePublishingDestination() {
return this.to('DescribePublishingDestination');
}
/**
* Grants permission to disable the organization delegated administrator for GuardDuty
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DisableOrganizationAdminAccount.html
*/
toDisableOrganizationAdminAccount() {
return this.to('DisableOrganizationAdminAccount');
}
/**
* Grants permission to disassociate a GuardDuty member account from its GuardDuty administrator account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DisassociateFromAdministratorAccount.html
*/
toDisassociateFromAdministratorAccount() {
return this.to('DisassociateFromAdministratorAccount');
}
/**
* Grants permission to disassociate a GuardDuty member account from its GuardDuty administrator account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DisassociateFromMasterAccount.html
*/
toDisassociateFromMasterAccount() {
return this.to('DisassociateFromMasterAccount');
}
/**
* Grants permission to disassociate GuardDuty member accounts from their administrator GuardDuty account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DisassociateMembers.html
*/
toDisassociateMembers() {
return this.to('DisassociateMembers');
}
/**
* Grants permission to enable an organization delegated administrator for GuardDuty
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_EnableOrganizationAdminAccount.html
*/
toEnableOrganizationAdminAccount() {
return this.to('EnableOrganizationAdminAccount');
}
/**
* Grants permission to retrieve details of the GuardDuty administrator account associated with a member account
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetAdministratorAccount.html
*/
toGetAdministratorAccount() {
return this.to('GetAdministratorAccount');
}
/**
* Grants permission to list Amazon GuardDuty coverage statistics for the specified GuardDuty account in a Region
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetCoverageStatistics.html
*/
toGetCoverageStatistics() {
return this.to('GetCoverageStatistics');
}
/**
* Grants permission to retrieve GuardDuty detectors
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetDetector.html
*/
toGetDetector() {
return this.to('GetDetector');
}
/**
* Grants permission to retrieve GuardDuty filters
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetFilter.html
*/
toGetFilter() {
return this.to('GetFilter');
}
/**
* Grants permission to retrieve GuardDuty findings
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetFindings.html
*/
toGetFindings() {
return this.to('GetFindings');
}
/**
* Grants permission to retrieve a list of GuardDuty finding statistics
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetFindingsStatistics.html
*/
toGetFindingsStatistics() {
return this.to('GetFindingsStatistics');
}
/**
* Grants permission to retrieve GuardDuty IPSets
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetIPSet.html
*/
toGetIPSet() {
return this.to('GetIPSet');
}
/**
* Grants permission to retrieve the count of all GuardDuty invitations sent to a specified account, which does not include the accepted invitation
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetInvitationsCount.html
*/
toGetInvitationsCount() {
return this.to('GetInvitationsCount');
}
/**
* Grants permission to retrieve a Malware Protection plan details
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetMalwareProtectionPlan.html
*/
toGetMalwareProtectionPlan() {
return this.to('GetMalwareProtectionPlan');
}
/**
* Grants permission to retrieve a malware scan's details
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetMalwareScan.html
*/
toGetMalwareScan() {
return this.to('GetMalwareScan');
}
/**
* Grants permission to retrieve the malware scan settings
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetMalwareScanSettings.html
*/
toGetMalwareScanSettings() {
return this.to('GetMalwareScanSettings');
}
/**
* Grants permission to retrieve details of the GuardDuty administrator account associated with a member account
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetMasterAccount.html
*/
toGetMasterAccount() {
return this.to('GetMasterAccount');
}
/**
* Grants permission to describe which data sources are enabled for member accounts detectors
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetMemberDetectors.html
*/
toGetMemberDetectors() {
return this.to('GetMemberDetectors');
}
/**
* Grants permission to retrieve the member accounts associated with an administrator account
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetMembers.html
*/
toGetMembers() {
return this.to('GetMembers');
}
/**
* Grants permission to retrieve GuardDuty protection plan coverage statistics for member accounts in a Region
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetOrganizationStatistics.html
*/
toGetOrganizationStatistics() {
return this.to('GetOrganizationStatistics');
}
/**
* Grants permission to provide the number of days left for each data source used in the free trial period
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetRemainingFreeTrialDays.html
*/
toGetRemainingFreeTrialDays() {
return this.to('GetRemainingFreeTrialDays');
}
/**
* Grants permission to retrieve GuardDuty ThreatEntitySets
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetThreatEntitySet.html
*/
toGetThreatEntitySet() {
return this.to('GetThreatEntitySet');
}
/**
* Grants permission to retrieve GuardDuty ThreatIntelSets
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetThreatIntelSet.html
*/
toGetThreatIntelSet() {
return this.to('GetThreatIntelSet');
}
/**
* Grants permission to retrieve GuardDuty TrustedEntitySets
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetTrustedEntitySet.html
*/
toGetTrustedEntitySet() {
return this.to('GetTrustedEntitySet');
}
/**
* Grants permission to list Amazon GuardDuty usage statistics over the last 30 days for the specified detector ID
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetUsageStatistics.html
*/
toGetUsageStatistics() {
return this.to('GetUsageStatistics');
}
/**
* Grants permission to invite other AWS accounts to enable GuardDuty and become GuardDuty member accounts
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_InviteMembers.html
*/
toInviteMembers() {
return this.to('InviteMembers');
}
/**
* Grants permission to list all the resource details for a given account in a Region
*
* Access Level: List
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListCoverage.html
*/
toListCoverage() {
return this.to('ListCoverage');
}
/**
* Grants permission to retrieve a list of GuardDuty detectors
*
* Access Level: List
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html
*/
toListDetectors() {
return this.to('ListDetectors');
}
/**
* Grants permission to retrieve a list of GuardDuty filters
*
* Access Level: List
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListFilters.html
*/
toListFilters() {
return this.to('ListFilters');
}
/**
* Grants permission to retrieve a list of GuardDuty findings
*
* Access Level: List
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListFindings.html
*/
toListFindings() {
return this.to('ListFindings');
}
/**
* Grants permission to retrieve a list of GuardDuty IPSets
*
* Access Level: List
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListIPSets.html
*/
toListIPSets() {
return this.to('ListIPSets');
}
/**
* Grants permission to retrieve a list of all of the GuardDuty membership invitations that were sent to an AWS account
*
* Access Level: List
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListInvitations.html
*/
toListInvitations() {
return this.to('ListInvitations');
}
/**
* Grants permission to retrieve a list of Malware Protection plans
*
* Access Level: List
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListMalwareProtectionPlans.html
*/
toListMalwareProtectionPlans() {
return this.to('ListMalwareProtectionPlans');
}
/**
* Grants permission to retrieve a list of malware scans
*
* Access Level: List
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListMalwareScans.html
*/
toListMalwareScans() {
return this.to('ListMalwareScans');
}
/**
* Grants permission to retrieve a list of GuardDuty member accounts associated with an administrator account
*
* Access Level: List
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListMembers.html
*/
toListMembers() {
return this.to('ListMembers');
}
/**
* Grants permission to list details about the organization delegated administrator for GuardDuty
*
* Access Level: List
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListOrganizationAdminAccounts.html
*/
toListOrganizationAdminAccounts() {
return this.to('ListOrganizationAdminAccounts');
}
/**
* Grants permission to retrieve a list of publishing destinations
*
* Access Level: List
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListPublishingDestinations.html
*/
toListPublishingDestinations() {
return this.to('ListPublishingDestinations');
}
/**
* Grants permission to retrieve a list of tags associated with a GuardDuty resource
*
* Access Level: Read
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListTagsForResource.html
*/
toListTagsForResource() {
return this.to('ListTagsForResource');
}
/**
* Grants permission to retrieve a list of GuardDuty ThreatEntitySets
*
* Access Level: List
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListThreatEntitySets.html
*/
toListThreatEntitySets() {
return this.to('ListThreatEntitySets');
}
/**
* Grants permission to retrieve a list of GuardDuty ThreatIntelSets
*
* Access Level: List
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListThreatIntelSets.html
*/
toListThreatIntelSets() {
return this.to('ListThreatIntelSets');
}
/**
* Grants permission to retrieve a list of GuardDuty TrustedEntitySets
*
* Access Level: List
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListTrustedEntitySets.html
*/
toListTrustedEntitySets() {
return this.to('ListTrustedEntitySets');
}
/**
* Grants permission to initiate a new object malware scan
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_SendObjectMalwareScan.html
*/
toSendObjectMalwareScan() {
return this.to('SendObjectMalwareScan');
}
/**
* Grants permission to send security telemetry for a specific GuardDuty account in a Region
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_SendSecurityTelemetry.html
*/
toSendSecurityTelemetry() {
return this.to('SendSecurityTelemetry');
}
/**
* Grants permission to initiate a new malware scan
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_StartMalwareScan.html
*/
toStartMalwareScan() {
return this.to('StartMalwareScan');
}
/**
* Grants permission to a GuardDuty administrator account to monitor findings from GuardDuty member accounts
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_StartMonitoringMembers.html
*/
toStartMonitoringMembers() {
return this.to('StartMonitoringMembers');
}
/**
* Grants permission to disable monitoring findings from member accounts
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_StopMonitoringMembers.html
*/
toStopMonitoringMembers() {
return this.to('StopMonitoringMembers');
}
/**
* Grants permission to add tags to a GuardDuty resource
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_TagResource.html
*/
toTagResource() {
return this.to('TagResource');
}
/**
* Grants permission to unarchive GuardDuty findings
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UnarchiveFindings.html
*/
toUnarchiveFindings() {
return this.to('UnarchiveFindings');
}
/**
* Grants permission to remove tags from a GuardDuty resource
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UntagResource.html
*/
toUntagResource() {
return this.to('UntagResource');
}
/**
* Grants permission to update GuardDuty detectors
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateDetector.html
*/
toUpdateDetector() {
return this.to('UpdateDetector');
}
/**
* Grants permission to updates GuardDuty filters
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateFilter.html
*/
toUpdateFilter() {
return this.to('UpdateFilter');
}
/**
* Grants permission to update findings feedback to mark GuardDuty findings as useful or not useful
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateFindingsFeedback.html
*/
toUpdateFindingsFeedback() {
return this.to('UpdateFindingsFeedback');
}
/**
* Grants permission to update GuardDuty IPSets
*
* Access Level: Write
*
* Dependent actions:
* - iam:DeleteRolePolicy
* - iam:PutRolePolicy
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateIPSet.html
*/
toUpdateIPSet() {
return this.to('UpdateIPSet');
}
/**
* Grants permission to update the Malware Protection plan
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateMalwareProtectionPlan.html
*/
toUpdateMalwareProtectionPlan() {
return this.to('UpdateMalwareProtectionPlan');
}
/**
* Grants permission to update the malware scan settings
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateMalwareScanSettings.html
*/
toUpdateMalwareScanSettings() {
return this.to('UpdateMalwareScanSettings');
}
/**
* Grants permission to update which data sources are enabled for member accounts detectors
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateMemberDetectors.html
*/
toUpdateMemberDetectors() {
return this.to('UpdateMemberDetectors');
}
/**
* Grants permission to update the delegated administrator configuration associated with a GuardDuty detector
*
* Access Level: Write
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateOrganizationConfiguration.html
*/
toUpdateOrganizationConfiguration() {
return this.to('UpdateOrganizationConfiguration');
}
/**
* Grants permission to update a publishing destination
*
* Access Level: Write
*
* Dependent actions:
* - s3:GetObject
* - s3:ListBucket
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdatePublishingDestination.html
*/
toUpdatePublishingDestination() {
return this.to('UpdatePublishingDestination');
}
/**
* Grants permission to update GuardDuty ThreatEntitySets
*
* Access Level: Write
*
* Dependent actions:
* - s3:GetObject
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateThreatEntitySet.html
*/
toUpdateThreatEntitySet() {
return this.to('UpdateThreatEntitySet');
}
/**
* Grants permission to updates the GuardDuty ThreatIntelSets
*
* Access Level: Write
*
* Dependent actions:
* - iam:DeleteRolePolicy
* - iam:PutRolePolicy
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateThreatIntelSet.html
*/
toUpdateThreatIntelSet() {
return this.to('UpdateThreatIntelSet');
}
/**
* Grants permission to update GuardDuty TrustedEntitySets
*
* Access Level: Write
*
* Dependent actions:
* - s3:GetObject
*
* https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateTrustedEntitySet.html
*/
toUpdateTrustedEntitySet() {
return this.to('UpdateTrustedEntitySet');
}
/**
* Adds a resource of type detector to the statement
*
* https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_managing_access.html#guardduty-resources
*
* @param detectorId - Identifier for the detectorId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onDetector(detectorId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:guardduty:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:detector/${detectorId}`);
}
/**
* Adds a resource of type filter to the statement
*
* https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_managing_access.html#guardduty-resources
*
* @param detectorId - Identifier for the detectorId.
* @param filterName - Identifier for the filterName.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onFilter(detectorId, filterName, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:guardduty:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:detector/${detectorId}/filter/${filterName}`);
}
/**
* Adds a resource of type ipset to the statement
*
* https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_managing_access.html#guardduty-resources
*
* @param detectorId - Identifier for the detectorId.
* @param iPSetId - Identifier for the iPSetId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onIpset(detectorId, iPSetId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:guardduty:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:detector/${detectorId}/ipset/${iPSetId}`);
}
/**
* Adds a resource of type threatintelset to the statement
*
* https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_managing_access.html#guardduty-resources
*
* @param detectorId - Identifier for the detectorId.
* @param threatIntelSetId - Identifier for the threatIntelSetId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onThreatintelset(detectorId, threatIntelSetId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:guardduty:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:detector/${detectorId}/threatintelset/${threatIntelSetId}`);
}
/**
* Adds a resource of type trustedentityset to the statement
*
* https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_managing_access.html#guardduty-resources
*
* @param detectorId - Identifier for the detectorId.
* @param trustedEntitySetId - Identifier for the trustedEntitySetId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onTrustedentityset(detectorId, trustedEntitySetId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:guardduty:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:detector/${detectorId}/trustedentityset/${trustedEntitySetId}`);
}
/**
* Adds a resource of type threatentityset to the statement
*
* https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_managing_access.html#guardduty-resources
*
* @param detectorId - Identifier for the detectorId.
* @param threatEntitySetId - Identifier for the threatEntitySetId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onThreatentityset(detectorId, threatEntitySetId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:guardduty:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:detector/${detectorId}/threatentityset/${threatEntitySetId}`);
}
/**
* Adds a resource of type publishingDestination to the statement
*
* https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_managing_access.html#guardduty-resources
*
* @param detectorId - Identifier for the detectorId.
* @param publishingDestinationId - Identifier for the publishingDestinationId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onPublishingDestination(detectorId, publishingDestinationId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:guardduty:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:detector/${detectorId}/publishingdestination/${publishingDestinationId}`);
}
/**
* Adds a resource of type malwareprotectionplan to the statement
*
* https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_managing_access.html#guardduty-resources
*
* @param malwareProtectionPlanId - Identifier for the malwareProtectionPlanId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onMalwareprotectionplan(malwareProtectionPlanId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:guardduty:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:malware-protection-plan/${malwareProtectionPlanId}`);
}
/**
* Filters access by tag key-value pairs in the request
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag
*
* Applies to actions:
* - .toCreateDetector()
* - .toCreateFilter()
* - .toCreateIPSet()
* - .toCreateMalwareProtectionPlan()
* - .toCreatePublishingDestination()
* - .toCreateThreatEntitySet()
* - .toCreateThreatIntelSet()
* - .toCreateTrustedEntitySet()
* - .toTagResource()
*
* @param tagKey The tag key to check
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsRequestTag(tagKey, value, operator) {
return this.if(`aws:RequestTag/${tagKey}`, value, operator ?? 'StringLike');
}
/**
* Filters access by tag key-value pairs attached to the resource
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag
*
* Applies to actions:
* - .toCreateDetector()
* - .toCreateIPSet()
* - .toCreateMalwareProtectionPlan()
* - .toCreatePublishingDestination()
* - .toCreateTrustedEntitySet()
*
* Applies to resource types:
* - detector
* - filter
* - ipset
* - threatintelset
* - trustedentityset
* - threatentityset
* - publishingDestination
* - malwareprotectionplan
*
* @param tagKey The tag key to check
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsResourceTag(tagKey, value, operator) {
return this.if(`aws:ResourceTag/${tagKey}`, value, operator ?? 'StringLike');
}
/**
* Filters access by tag keys in the request
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys
*
* Applies to actions:
* - .toCreateDetector()
* - .toCreateFilter()
* - .toCreateIPSet()
* - .toCreateMalwareProtectionPlan()
* - .toCreatePublishingDestination()
* - .toCreateThreatEntitySet()
* - .toCreateThreatIntelSet()
* - .toCreateTrustedEntitySet()
* - .toTagResource()
* - .toUntagResource()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsTagKeys(value, operator) {
return this.if(`aws:TagKeys`, value, operator ?? 'StringLike');
}
/**
* Statement provider for service [guardduty](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonguardduty.html).
*
*/
constructor(props) {
super(props);
this.servicePrefix = 'guardduty';
this.accessLevelList = {
Write: [
'AcceptAdministratorInvitation',
'AcceptInvitation',
'ArchiveFindings',
'CreateDetector',
'CreateFilter',
'CreateIPSet',
'CreateMalwareProtectionPlan',
'CreateMembers',
'CreatePublishingDestination',
'CreateSampleFindings',
'CreateThreatEntitySet',
'CreateThreatIntelSet',
'CreateTrustedEntitySet',
'DeclineInvitations',
'DeleteDetector',
'DeleteFilter',
'DeleteIPSet',
'DeleteInvitations',
'DeleteMalwareProtectionPlan',
'DeleteMembers',
'DeletePublishingDestination',
'DeleteThreatEntitySet',
'DeleteThreatIntelSet',
'DeleteTrustedEntitySet',
'DisableOrganizationAdminAccount',
'DisassociateFromAdministratorAccount',
'DisassociateFromMasterAccount',
'DisassociateMembers',
'EnableOrganizationAdminAccount',
'InviteMembers',
'SendObjectMalwareScan',
'SendSecurityTelemetry',
'StartMalwareScan',
'StartMonitoringMembers',
'StopMonitoringMembers',
'UnarchiveFindings',
'UpdateDetector',
'UpdateFilter',
'UpdateFindingsFeedback',
'UpdateIPSet',
'UpdateMalwareProtectionPlan',
'UpdateMalwareScanSettings',
'UpdateMemberDetectors',
'UpdateOrganizationConfiguration',
'UpdatePublishingDestination',
'UpdateThreatEntitySet',
'UpdateThreatIntelSet',
'UpdateTrustedEntitySet'
],
Read: [
'DescribeMalwareScans',
'DescribeOrganizationConfiguration',
'DescribePublishingDestination',
'GetAdministratorAccount',
'GetCoverageStatistics',
'GetDetector',
'GetFilter',
'GetFindings',
'GetFindingsStatistics',
'GetIPSet',
'GetInvitationsCount',
'GetMalwareProtectionPlan',
'GetMalwareScan',
'GetMalwareScanSettings',
'GetMasterAccount',
'GetMemberDetectors',
'GetMembers',
'GetOrganizationStatistics',
'GetRemainingFreeTrialDays',
'GetThreatEntitySet',
'GetThreatIntelSet',
'GetTrustedEntitySet',
'GetUsageStatistics',
'ListTagsForResource'
],
List: [
'ListCoverage',
'ListDetectors',
'ListFilters',
'ListFindings',
'ListIPSets',
'ListInvitations',
'ListMalwareProtectionPlans',
'ListMalwareScans',
'ListMembers',
'ListOrganizationAdminAccounts',
'ListPublishingDestinations',
'ListThreatEntitySets',
'ListThreatIntelSets',
'ListTrustedEntitySets'
],
Tagging: [
'TagResource',
'UntagResource'
]
};
}
}
exports.Guardduty = Guardduty;
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZ3VhcmRkdXR5LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiZ3VhcmRkdXR5LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUNBLHlDQUF5RDtBQUd6RDs7OztHQUlHO0FBQ0gsTUFBYSxTQUFVLFNBQVEsd0JBQWU7SUFHNUM7Ozs7OztPQU1HO0lBQ0ksK0JBQStCO1FBQ3BDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQywrQkFBK0IsQ0FBQyxDQUFDO0lBQ2xELENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxrQkFBa0I7UUFDdkIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGtCQUFrQixDQUFDLENBQUM7SUFDckMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGlCQUFpQjtRQUN0QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsaUJBQWlCLENBQUMsQ0FBQztJQUNwQyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7O09BV0c7SUFDSSxnQkFBZ0I7UUFDckIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGdCQUFnQixDQUFDLENBQUM7SUFDbkMsQ0FBQztJQUVEOzs7Ozs7Ozs7O09BVUc7SUFDSSxjQUFjO1FBQ25CLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxjQUFjLENBQUMsQ0FBQztJQUNqQyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7Ozs7OztPQWVHO0lBQ0ksYUFBYTtRQUNsQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsYUFBYSxDQUFDLENBQUM7SUFDaEMsQ0FBQztJQUVEOzs7Ozs7Ozs7OztPQVdHO0lBQ0ksNkJBQTZCO1FBQ2xDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyw2QkFBNkIsQ0FBQyxDQUFDO0lBQ2hELENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxlQUFlO1FBQ3BCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxlQUFlLENBQUMsQ0FBQztJQUNsQyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7Ozs7OztPQWVHO0lBQ0ksNkJBQTZCO1FBQ2xDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyw2QkFBNkIsQ0FBQyxDQUFDO0lBQ2hELENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxzQkFBc0I7UUFDM0IsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHNCQUFzQixDQUFDLENBQUM7SUFDekMsQ0FBQztJQUVEOzs7Ozs7Ozs7Ozs7O09BYUc7SUFDSSx1QkFBdUI7UUFDNUIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHVCQUF1QixDQUFDLENBQUM7SUFDMUMsQ0FBQztJQUVEOzs7Ozs7Ozs7O09BVUc7SUFDSSxzQkFBc0I7UUFDM0IsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHNCQUFzQixDQUFDLENBQUM7SUFDekMsQ0FBQztJQUVEOzs7Ozs7Ozs7Ozs7OztPQWNHO0lBQ0ksd0JBQXdCO1FBQzdCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyx3QkFBd0IsQ0FBQyxDQUFDO0lBQzNDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxvQkFBb0I7UUFDekIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLG9CQUFvQixDQUFDLENBQUM7SUFDdkMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGdCQUFnQjtRQUNyQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsZ0JBQWdCLENBQUMsQ0FBQztJQUNuQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksY0FBYztRQUNuQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsY0FBYyxDQUFDLENBQUM7SUFDakMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGFBQWE7UUFDbEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGFBQWEsQ0FBQyxDQUFDO0lBQ2hDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxtQkFBbUI7UUFDeEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLG1CQUFtQixDQUFDLENBQUM7SUFDdEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLDZCQUE2QjtRQUNsQyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsNkJBQTZCLENBQUMsQ0FBQztJQUNoRCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksZUFBZTtRQUNwQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsZUFBZSxDQUFDLENBQUM7SUFDbEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLDZCQUE2QjtRQUNsQyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsNkJBQTZCLENBQUMsQ0FBQztJQUNoRCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksdUJBQXVCO1FBQzVCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyx1QkFBdUIsQ0FBQyxDQUFDO0lBQzFDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxzQkFBc0I7UUFDM0IsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHNCQUFzQixDQUFDLENBQUM7SUFDekMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLHdCQUF3QjtRQUM3QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsd0JBQXdCLENBQUMsQ0FBQztJQUMzQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksc0JBQXNCO1FBQzNCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxzQkFBc0IsQ0FBQyxDQUFDO0lBQ3pDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxtQ0FBbUM7UUFDeEMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLG1DQUFtQyxDQUFDLENBQUM7SUFDdEQsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLCtCQUErQjtRQUNwQyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsK0JBQStCLENBQUMsQ0FBQztJQUNsRCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksaUNBQWlDO1FBQ3RDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxpQ0FBaUMsQ0FBQyxDQUFDO0lBQ3BELENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxzQ0FBc0M7UUFDM0MsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHNDQUFzQyxDQUFDLENBQUM7SUFDekQsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLCtCQUErQjtRQUNwQyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsK0JBQStCLENBQUMsQ0FBQztJQUNsRCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0kscUJBQXFCO1FBQzFCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxxQkFBcUIsQ0FBQyxDQUFDO0lBQ3hDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxnQ0FBZ0M7UUFDckMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGdDQUFnQyxDQUFDLENBQUM7SUFDbkQsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLHlCQUF5QjtRQUM5QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMseUJBQXlCLENBQUMsQ0FBQztJQUM1QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksdUJBQXVCO1FBQzVCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyx1QkFBdUIsQ0FBQyxDQUFDO0lBQzFDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxhQUFhO1FBQ2xCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxhQUFhLENBQUMsQ0FBQztJQUNoQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksV0FBVztRQUNoQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsV0FBVyxDQUFDLENBQUM7SUFDOUIsQ0FBQztJQUVEOzs7Ozs7T0F