cdk-iam-floyd
Version:
AWS IAM policy statement generator with fluent interface for AWS CDK
1,100 lines • 105 kB
JavaScript
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.Macie2 = void 0;
const shared_1 = require("../../shared");
/**
* Statement provider for service [macie2](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmacie.html).
*
* @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement
*/
class Macie2 extends shared_1.PolicyStatement {
/**
* Grants permission to accept an Amazon Macie membership invitation
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/invitations-accept.html
*/
toAcceptInvitation() {
return this.to('AcceptInvitation');
}
/**
* Grants permission to retrieve information about one or more custom data identifiers
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/custom-data-identifiers-get.html
*/
toBatchGetCustomDataIdentifiers() {
return this.to('BatchGetCustomDataIdentifiers');
}
/**
* Grants permission to an Amazon Macie administrator to change the status of automated sensitive data discovery for one or more accounts in their organization
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/automated-discovery-accounts.html
*/
toBatchUpdateAutomatedDiscoveryAccounts() {
return this.to('BatchUpdateAutomatedDiscoveryAccounts');
}
/**
* Grants permission to create and define the settings for an allow list
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/macie/latest/APIReference/allow-lists.html
*/
toCreateAllowList() {
return this.to('CreateAllowList');
}
/**
* Grants permission to create and define the settings for a sensitive data discovery job
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/macie/latest/APIReference/jobs.html
*/
toCreateClassificationJob() {
return this.to('CreateClassificationJob');
}
/**
* Grants permission to create and define the settings for a custom data identifier
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/macie/latest/APIReference/custom-data-identifiers.html
*/
toCreateCustomDataIdentifier() {
return this.to('CreateCustomDataIdentifier');
}
/**
* Grants permission to create and define the settings for a findings filter
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/macie/latest/APIReference/findingsfilters.html
*/
toCreateFindingsFilter() {
return this.to('CreateFindingsFilter');
}
/**
* Grants permission to send an Amazon Macie membership invitation
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/invitations.html
*/
toCreateInvitations() {
return this.to('CreateInvitations');
}
/**
* Grants permission to associate an account with an Amazon Macie administrator account
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/macie/latest/APIReference/members.html
*/
toCreateMember() {
return this.to('CreateMember');
}
/**
* Grants permission to create sample findings
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/findings-sample.html
*/
toCreateSampleFindings() {
return this.to('CreateSampleFindings');
}
/**
* Grants permission to decline Amazon Macie membership invitations
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/invitations-decline.html
*/
toDeclineInvitations() {
return this.to('DeclineInvitations');
}
/**
* Grants permission to delete an allow list
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/allow-lists-id.html
*/
toDeleteAllowList() {
return this.to('DeleteAllowList');
}
/**
* Grants permission to delete a custom data identifier
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/custom-data-identifiers-id.html
*/
toDeleteCustomDataIdentifier() {
return this.to('DeleteCustomDataIdentifier');
}
/**
* Grants permission to delete a findings filter
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/findingsfilters-id.html
*/
toDeleteFindingsFilter() {
return this.to('DeleteFindingsFilter');
}
/**
* Grants permission to delete Amazon Macie membership invitations
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/invitations-delete.html
*/
toDeleteInvitations() {
return this.to('DeleteInvitations');
}
/**
* Grants permission to delete the association between an Amazon Macie administrator account and an account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/members-id.html
*/
toDeleteMember() {
return this.to('DeleteMember');
}
/**
* Grants permission to retrieve statistical data and other information about S3 buckets that Amazon Macie monitors and analyzes
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/datasources-s3.html
*/
toDescribeBuckets() {
return this.to('DescribeBuckets');
}
/**
* Grants permission to retrieve information about the status and settings for a sensitive data discovery job
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/jobs-jobid.html
*/
toDescribeClassificationJob() {
return this.to('DescribeClassificationJob');
}
/**
* Grants permission to retrieve information about the Amazon Macie configuration settings for an AWS organization
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/admin-configuration.html
*/
toDescribeOrganizationConfiguration() {
return this.to('DescribeOrganizationConfiguration');
}
/**
* Grants permission to disable an Amazon Macie account, which also deletes Macie resources for the account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/macie.html
*/
toDisableMacie() {
return this.to('DisableMacie');
}
/**
* Grants permission to disable an account as the delegated Amazon Macie administrator account for an AWS organization
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/admin.html
*/
toDisableOrganizationAdminAccount() {
return this.to('DisableOrganizationAdminAccount');
}
/**
* Grants permission to an Amazon Macie member account to disassociate from its Macie administrator account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/administrator-disassociate.html
*/
toDisassociateFromAdministratorAccount() {
return this.to('DisassociateFromAdministratorAccount');
}
/**
* Grants permission to an Amazon Macie member account to disassociate from its Macie administrator account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/master-disassociate.html
*/
toDisassociateFromMasterAccount() {
return this.to('DisassociateFromMasterAccount');
}
/**
* Grants permission to an Amazon Macie administrator account to disassociate from a Macie member account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/members-disassociate-id.html
*/
toDisassociateMember() {
return this.to('DisassociateMember');
}
/**
* Grants permission to enable and specify the configuration settings for a new Amazon Macie account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/macie.html
*/
toEnableMacie() {
return this.to('EnableMacie');
}
/**
* Grants permission to enable an account as the delegated Amazon Macie administrator account for an AWS organization
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/admin.html
*/
toEnableOrganizationAdminAccount() {
return this.to('EnableOrganizationAdminAccount');
}
/**
* Grants permission to retrieve information about the Amazon Macie administrator account for an account
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/administrator.html
*/
toGetAdministratorAccount() {
return this.to('GetAdministratorAccount');
}
/**
* Grants permission to retrieve the settings and status of an allow list
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/allow-lists-id.html
*/
toGetAllowList() {
return this.to('GetAllowList');
}
/**
* Grants permission to retrieve the configuration settings and status of automated sensitive data discovery for an Amazon Macie administrator account, organization, or standalone account
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/automated-discovery-configuration.html
*/
toGetAutomatedDiscoveryConfiguration() {
return this.to('GetAutomatedDiscoveryConfiguration');
}
/**
* Grants permission to retrieve aggregated statistical data for all the S3 buckets that Amazon Macie monitors and analyzes
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/datasources-s3-statistics.html
*/
toGetBucketStatistics() {
return this.to('GetBucketStatistics');
}
/**
* Grants permission to retrieve the settings for exporting sensitive data discovery results
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/classification-export-configuration.html
*/
toGetClassificationExportConfiguration() {
return this.to('GetClassificationExportConfiguration');
}
/**
* Grants permission to retrieve the classification scope settings for an account
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/classification-scopes-id.html
*/
toGetClassificationScope() {
return this.to('GetClassificationScope');
}
/**
* Grants permission to retrieve information about the settings for a custom data identifier
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/custom-data-identifiers-id.html
*/
toGetCustomDataIdentifier() {
return this.to('GetCustomDataIdentifier');
}
/**
* Grants permission to retrieve aggregated statistical data about findings
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/findings-statistics.html
*/
toGetFindingStatistics() {
return this.to('GetFindingStatistics');
}
/**
* Grants permission to retrieve the details of one or more findings
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/findings-describe.html
*/
toGetFindings() {
return this.to('GetFindings');
}
/**
* Grants permission to retrieve information about the settings for a findings filter
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/findingsfilters-id.html
*/
toGetFindingsFilter() {
return this.to('GetFindingsFilter');
}
/**
* Grants permission to retrieve the configuration settings for publishing findings to AWS Security Hub
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/findings-publication-configuration.html
*/
toGetFindingsPublicationConfiguration() {
return this.to('GetFindingsPublicationConfiguration');
}
/**
* Grants permission to retrieve the count of Amazon Macie membership invitations that were received by an account
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/invitations-count.html
*/
toGetInvitationsCount() {
return this.to('GetInvitationsCount');
}
/**
* Grants permission to retrieve information about the status and configuration settings for an Amazon Macie account
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/macie.html
*/
toGetMacieSession() {
return this.to('GetMacieSession');
}
/**
* Grants permission to retrieve information about the Amazon Macie administrator account for an account
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/master.html
*/
toGetMasterAccount() {
return this.to('GetMasterAccount');
}
/**
* Grants permission to retrieve information about an account that's associated with an Amazon Macie administrator account
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/members-id.html
*/
toGetMember() {
return this.to('GetMember');
}
/**
* Grants permission to retrieve sensitive data discovery statistics and the sensitivity score for an S3 bucket
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/resource-profiles.html
*/
toGetResourceProfile() {
return this.to('GetResourceProfile');
}
/**
* Grants permission to retrieve the status and configuration settings for retrieving occurrences of sensitive data reported by findings
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/reveal-configuration.html
*/
toGetRevealConfiguration() {
return this.to('GetRevealConfiguration');
}
/**
* Grants permission to retrieve occurrences of sensitive data reported by a finding
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/findings-findingid-reveal.html
*/
toGetSensitiveDataOccurrences() {
return this.to('GetSensitiveDataOccurrences');
}
/**
* Grants permission to check whether occurrences of sensitive data can be retrieved for a finding
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/findings-findingid-reveal-availability.html
*/
toGetSensitiveDataOccurrencesAvailability() {
return this.to('GetSensitiveDataOccurrencesAvailability');
}
/**
* Grants permission to retrieve the sensitivity inspection template settings for an account
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/templates-sensitivity-inspections-id.html
*/
toGetSensitivityInspectionTemplate() {
return this.to('GetSensitivityInspectionTemplate');
}
/**
* Grants permission to retrieve quotas and aggregated usage data for one or more accounts
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/usage-statistics.html
*/
toGetUsageStatistics() {
return this.to('GetUsageStatistics');
}
/**
* Grants permission to retrieve aggregated usage data for an account
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/usage.html
*/
toGetUsageTotals() {
return this.to('GetUsageTotals');
}
/**
* Grants permission to retrieve a subset of information about all the allow lists for an account
*
* Access Level: List
*
* https://docs.aws.amazon.com/macie/latest/APIReference/allow-lists.html
*/
toListAllowLists() {
return this.to('ListAllowLists');
}
/**
* Grants permission to retrieve the status of automated sensitive data discovery for an account
*
* Access Level: List
*
* https://docs.aws.amazon.com/macie/latest/APIReference/automated-discovery-accounts.html
*/
toListAutomatedDiscoveryAccounts() {
return this.to('ListAutomatedDiscoveryAccounts');
}
/**
* Grants permission to retrieve a subset of information about the status and settings for one or more sensitive data discovery jobs
*
* Access Level: List
*
* https://docs.aws.amazon.com/macie/latest/APIReference/jobs-list.html
*/
toListClassificationJobs() {
return this.to('ListClassificationJobs');
}
/**
* Grants permission to retrieve a subset of information about the classification scope for an account
*
* Access Level: List
*
* https://docs.aws.amazon.com/macie/latest/APIReference/classification-scopes.html
*/
toListClassificationScopes() {
return this.to('ListClassificationScopes');
}
/**
* Grants permission to retrieve information about all custom data identifiers
*
* Access Level: List
*
* https://docs.aws.amazon.com/macie/latest/APIReference/custom-data-identifiers-list.html
*/
toListCustomDataIdentifiers() {
return this.to('ListCustomDataIdentifiers');
}
/**
* Grants permission to retrieve a subset of information about one or more findings
*
* Access Level: List
*
* https://docs.aws.amazon.com/macie/latest/APIReference/findings.html
*/
toListFindings() {
return this.to('ListFindings');
}
/**
* Grants permission to retrieve information about all findings filters
*
* Access Level: List
*
* https://docs.aws.amazon.com/macie/latest/APIReference/findingsfilters.html
*/
toListFindingsFilters() {
return this.to('ListFindingsFilters');
}
/**
* Grants permission to retrieve information about all the Amazon Macie membership invitations that were received by an account
*
* Access Level: List
*
* https://docs.aws.amazon.com/macie/latest/APIReference/invitations.html
*/
toListInvitations() {
return this.to('ListInvitations');
}
/**
* Grants permission to retrieve information about managed data identifiers
*
* Access Level: List
*
* https://docs.aws.amazon.com/macie/latest/APIReference/managed-data-identifiers-list.html
*/
toListManagedDataIdentifiers() {
return this.to('ListManagedDataIdentifiers');
}
/**
* Grants permission to retrieve information about the Amazon Macie member accounts that are associated with a Macie administrator account
*
* Access Level: List
*
* https://docs.aws.amazon.com/macie/latest/APIReference/members.html
*/
toListMembers() {
return this.to('ListMembers');
}
/**
* Grants permission to retrieve information about the delegated Amazon Macie administrator account for an AWS organization
*
* Access Level: List
*
* https://docs.aws.amazon.com/macie/latest/APIReference/admin.html
*/
toListOrganizationAdminAccounts() {
return this.to('ListOrganizationAdminAccounts');
}
/**
* Grants permission to retrieve information about objects that Amazon Macie selected from an S3 bucket for automated sensitive data discovery
*
* Access Level: List
*
* https://docs.aws.amazon.com/macie/latest/APIReference/resource-profiles-artifacts.html
*/
toListResourceProfileArtifacts() {
return this.to('ListResourceProfileArtifacts');
}
/**
* Grants permission to retrieve information about the types and amount of sensitive data that Amazon Macie found in an S3 bucket
*
* Access Level: List
*
* https://docs.aws.amazon.com/macie/latest/APIReference/resource-profiles-detections.html
*/
toListResourceProfileDetections() {
return this.to('ListResourceProfileDetections');
}
/**
* Grants permission to retrieve a subset of information about the sensitivity inspection template for an account
*
* Access Level: List
*
* https://docs.aws.amazon.com/macie/latest/APIReference/templates-sensitivity-inspections.html
*/
toListSensitivityInspectionTemplates() {
return this.to('ListSensitivityInspectionTemplates');
}
/**
* Grants permission to retrieve the tags for an Amazon Macie resource
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/tags-resourcearn.html
*/
toListTagsForResource() {
return this.to('ListTagsForResource');
}
/**
* Grants permission to create or update the settings for storing sensitive data discovery results
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/classification-export-configuration.html
*/
toPutClassificationExportConfiguration() {
return this.to('PutClassificationExportConfiguration');
}
/**
* Grants permission to update the configuration settings for publishing findings to AWS Security Hub
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/findings-publication-configuration.html
*/
toPutFindingsPublicationConfiguration() {
return this.to('PutFindingsPublicationConfiguration');
}
/**
* Grants permission to retrieve statistical data and other information about AWS resources that Amazon Macie monitors and analyzes
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/datasources-search-resources.html
*/
toSearchResources() {
return this.to('SearchResources');
}
/**
* Grants permission to add or update the tags for an Amazon Macie resource
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/macie/latest/APIReference/tags-resourcearn.html
*/
toTagResource() {
return this.to('TagResource');
}
/**
* Grants permission to test a custom data identifier
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/custom-data-identifiers-test.html
*/
toTestCustomDataIdentifier() {
return this.to('TestCustomDataIdentifier');
}
/**
* Grants permission to remove tags from an Amazon Macie resource
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/macie/latest/APIReference/tags-resourcearn.html
*/
toUntagResource() {
return this.to('UntagResource');
}
/**
* Grants permission to update the settings for an allow list
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/allow-lists-id.html
*/
toUpdateAllowList() {
return this.to('UpdateAllowList');
}
/**
* Grants permission to change the status of automated sensitive data discovery for an Amazon Macie administrator account, organization, or standalone account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/automated-discovery-configuration.html
*/
toUpdateAutomatedDiscoveryConfiguration() {
return this.to('UpdateAutomatedDiscoveryConfiguration');
}
/**
* Grants permission to change the status of a sensitive data discovery job
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/macie/latest/APIReference/jobs-jobid.html
*/
toUpdateClassificationJob() {
return this.to('UpdateClassificationJob');
}
/**
* Grants permission to update the classification scope settings for an account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/classification-scopes-id.html
*/
toUpdateClassificationScope() {
return this.to('UpdateClassificationScope');
}
/**
* Grants permission to update the settings for a findings filter
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/macie/latest/APIReference/findingsfilters-id.html
*/
toUpdateFindingsFilter() {
return this.to('UpdateFindingsFilter');
}
/**
* Grants permission to an Amazon Macie administrator account to suspend or re-enable Macie for a member account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/macie.html
*/
toUpdateMacieSession() {
return this.to('UpdateMacieSession');
}
/**
* Grants permission to an Amazon Macie administrator account to suspend or re-enable a Macie member account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/macie-members-id.html
*/
toUpdateMemberSession() {
return this.to('UpdateMemberSession');
}
/**
* Grants permission to update Amazon Macie configuration settings for an AWS organization
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/admin-configuration.html
*/
toUpdateOrganizationConfiguration() {
return this.to('UpdateOrganizationConfiguration');
}
/**
* Grants permission to update the sensitivity score for an S3 bucket
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/resource-profiles.html
*/
toUpdateResourceProfile() {
return this.to('UpdateResourceProfile');
}
/**
* Grants permission to update the sensitivity scoring settings for an S3 bucket
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/resource-profiles-detections.html
*/
toUpdateResourceProfileDetections() {
return this.to('UpdateResourceProfileDetections');
}
/**
* Grants permission to update the status and configuration settings for retrieving occurrences of sensitive data reported by findings
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/reveal-configuration.html
*/
toUpdateRevealConfiguration() {
return this.to('UpdateRevealConfiguration');
}
/**
* Grants permission to update the sensitivity inspection template settings for an account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/templates-sensitivity-inspections-id.html
*/
toUpdateSensitivityInspectionTemplate() {
return this.to('UpdateSensitivityInspectionTemplate');
}
/**
* Adds a resource of type AllowList to the statement
*
* https://docs.aws.amazon.com/macie/latest/user/what-is-macie.html
*
* @param resourceId - Identifier for the resourceId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onAllowList(resourceId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:macie2:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:allow-list/${resourceId}`);
}
/**
* Adds a resource of type ClassificationJob to the statement
*
* https://docs.aws.amazon.com/macie/latest/user/what-is-macie.html
*
* @param resourceId - Identifier for the resourceId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onClassificationJob(resourceId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:macie2:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:classification-job/${resourceId}`);
}
/**
* Adds a resource of type CustomDataIdentifier to the statement
*
* https://docs.aws.amazon.com/macie/latest/user/what-is-macie.html.html
*
* @param resourceId - Identifier for the resourceId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onCustomDataIdentifier(resourceId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:macie2:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:custom-data-identifier/${resourceId}`);
}
/**
* Adds a resource of type FindingsFilter to the statement
*
* https://docs.aws.amazon.com/macie/latest/user/what-is-macie.html
*
* @param resourceId - Identifier for the resourceId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onFindingsFilter(resourceId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:macie2:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:findings-filter/${resourceId}`);
}
/**
* Adds a resource of type Member to the statement
*
* https://docs.aws.amazon.com/macie/latest/user/what-is-macie.html
*
* @param resourceId - Identifier for the resourceId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onMember(resourceId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:macie2:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:member/${resourceId}`);
}
/**
* Filters access by a tag key and value pair that is allowed in the request
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag
*
* Applies to actions:
* - .toCreateAllowList()
* - .toCreateClassificationJob()
* - .toCreateCustomDataIdentifier()
* - .toCreateFindingsFilter()
* - .toCreateMember()
* - .toTagResource()
* - .toUpdateClassificationJob()
* - .toUpdateFindingsFilter()
*
* @param tagKey The tag key to check
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsRequestTag(tagKey, value, operator) {
return this.if(`aws:RequestTag/${tagKey}`, value, operator ?? 'StringLike');
}
/**
* Filters access by a tag key and value pair of a resource
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag
*
* Applies to resource types:
* - AllowList
* - ClassificationJob
* - CustomDataIdentifier
* - FindingsFilter
* - Member
*
* @param tagKey The tag key to check
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsResourceTag(tagKey, value, operator) {
return this.if(`aws:ResourceTag/${tagKey}`, value, operator ?? 'StringLike');
}
/**
* Filters access by the presence of tag keys in the request
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys
*
* Applies to actions:
* - .toCreateAllowList()
* - .toCreateClassificationJob()
* - .toCreateCustomDataIdentifier()
* - .toCreateFindingsFilter()
* - .toCreateMember()
* - .toTagResource()
* - .toUntagResource()
* - .toUpdateClassificationJob()
* - .toUpdateFindingsFilter()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsTagKeys(value, operator) {
return this.if(`aws:TagKeys`, value, operator ?? 'StringLike');
}
/**
* Statement provider for service [macie2](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmacie.html).
*
*/
constructor(props) {
super(props);
this.servicePrefix = 'macie2';
this.accessLevelList = {
Write: [
'AcceptInvitation',
'BatchUpdateAutomatedDiscoveryAccounts',
'CreateAllowList',
'CreateClassificationJob',
'CreateCustomDataIdentifier',
'CreateFindingsFilter',
'CreateInvitations',
'CreateMember',
'CreateSampleFindings',
'DeclineInvitations',
'DeleteAllowList',
'DeleteCustomDataIdentifier',
'DeleteFindingsFilter',
'DeleteInvitations',
'DeleteMember',
'DisableMacie',
'DisableOrganizationAdminAccount',
'DisassociateFromAdministratorAccount',
'DisassociateFromMasterAccount',
'DisassociateMember',
'EnableMacie',
'EnableOrganizationAdminAccount',
'PutClassificationExportConfiguration',
'PutFindingsPublicationConfiguration',
'TestCustomDataIdentifier',
'UpdateAllowList',
'UpdateAutomatedDiscoveryConfiguration',
'UpdateClassificationJob',
'UpdateClassificationScope',
'UpdateFindingsFilter',
'UpdateMacieSession',
'UpdateMemberSession',
'UpdateOrganizationConfiguration',
'UpdateResourceProfile',
'UpdateResourceProfileDetections',
'UpdateRevealConfiguration',
'UpdateSensitivityInspectionTemplate'
],
Read: [
'BatchGetCustomDataIdentifiers',
'DescribeBuckets',
'DescribeClassificationJob',
'DescribeOrganizationConfiguration',
'GetAdministratorAccount',
'GetAllowList',
'GetAutomatedDiscoveryConfiguration',
'GetBucketStatistics',
'GetClassificationExportConfiguration',
'GetClassificationScope',
'GetCustomDataIdentifier',
'GetFindingStatistics',
'GetFindings',
'GetFindingsFilter',
'GetFindingsPublicationConfiguration',
'GetInvitationsCount',
'GetMacieSession',
'GetMasterAccount',
'GetMember',
'GetResourceProfile',
'GetRevealConfiguration',
'GetSensitiveDataOccurrences',
'GetSensitiveDataOccurrencesAvailability',
'GetSensitivityInspectionTemplate',
'GetUsageStatistics',
'GetUsageTotals',
'ListTagsForResource',
'SearchResources'
],
List: [
'ListAllowLists',
'ListAutomatedDiscoveryAccounts',
'ListClassificationJobs',
'ListClassificationScopes',
'ListCustomDataIdentifiers',
'ListFindings',
'ListFindingsFilters',
'ListInvitations',
'ListManagedDataIdentifiers',
'ListMembers',
'ListOrganizationAdminAccounts',
'ListResourceProfileArtifacts',
'ListResourceProfileDetections',
'ListSensitivityInspectionTemplates'
],
Tagging: [
'TagResource',
'UntagResource'
]
};
}
}
exports.Macie2 = Macie2;
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibWFjaWUuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJtYWNpZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFDQSx5Q0FBeUQ7QUFHekQ7Ozs7R0FJRztBQUNILE1BQWEsTUFBTyxTQUFRLHdCQUFlO0lBR3pDOzs7Ozs7T0FNRztJQUNJLGtCQUFrQjtRQUN2QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsa0JBQWtCLENBQUMsQ0FBQztJQUNyQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksK0JBQStCO1FBQ3BDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQywrQkFBK0IsQ0FBQyxDQUFDO0lBQ2xELENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSx1Q0FBdUM7UUFDNUMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHVDQUF1QyxDQUFDLENBQUM7SUFDMUQsQ0FBQztJQUVEOzs7Ozs7Ozs7O09BVUc7SUFDSSxpQkFBaUI7UUFDdEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGlCQUFpQixDQUFDLENBQUM7SUFDcEMsQ0FBQztJQUVEOzs7Ozs7Ozs7O09BVUc7SUFDSSx5QkFBeUI7UUFDOUIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHlCQUF5QixDQUFDLENBQUM7SUFDNUMsQ0FBQztJQUVEOzs7Ozs7Ozs7O09BVUc7SUFDSSw0QkFBNEI7UUFDakMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLDRCQUE0QixDQUFDLENBQUM7SUFDL0MsQ0FBQztJQUVEOzs7Ozs7Ozs7O09BVUc7SUFDSSxzQkFBc0I7UUFDM0IsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHNCQUFzQixDQUFDLENBQUM7SUFDekMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLG1CQUFtQjtRQUN4QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsbUJBQW1CLENBQUMsQ0FBQztJQUN0QyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7T0FVRztJQUNJLGNBQWM7UUFDbkIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGNBQWMsQ0FBQyxDQUFDO0lBQ2pDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxzQkFBc0I7UUFDM0IsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHNCQUFzQixDQUFDLENBQUM7SUFDekMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLG9CQUFvQjtRQUN6QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsb0JBQW9CLENBQUMsQ0FBQztJQUN2QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksaUJBQWlCO1FBQ3RCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxpQkFBaUIsQ0FBQyxDQUFDO0lBQ3BDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSw0QkFBNEI7UUFDakMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLDRCQUE0QixDQUFDLENBQUM7SUFDL0MsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLHNCQUFzQjtRQUMzQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsc0JBQXNCLENBQUMsQ0FBQztJQUN6QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksbUJBQW1CO1FBQ3hCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxtQkFBbUIsQ0FBQyxDQUFDO0lBQ3RDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxjQUFjO1FBQ25CLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxjQUFjLENBQUMsQ0FBQztJQUNqQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksaUJBQWlCO1FBQ3RCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxpQkFBaUIsQ0FBQyxDQUFDO0lBQ3BDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSwyQkFBMkI7UUFDaEMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLDJCQUEyQixDQUFDLENBQUM7SUFDOUMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLG1DQUFtQztRQUN4QyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsbUNBQW1DLENBQUMsQ0FBQztJQUN0RCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksY0FBYztRQUNuQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsY0FBYyxDQUFDLENBQUM7SUFDakMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGlDQUFpQztRQUN0QyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsaUNBQWlDLENBQUMsQ0FBQztJQUNwRCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksc0NBQXNDO1FBQzNDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxzQ0FBc0MsQ0FBQyxDQUFDO0lBQ3pELENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSwrQkFBK0I7UUFDcEMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLCtCQUErQixDQUFDLENBQUM7SUFDbEQsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLG9CQUFvQjtRQUN6QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsb0JBQW9CLENBQUMsQ0FBQztJQUN2QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksYUFBYTtRQUNsQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsYUFBYSxDQUFDLENBQUM7SUFDaEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGdDQUFnQztRQUNyQyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsZ0NBQWdDLENBQUMsQ0FBQztJQUNuRCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0kseUJBQXlCO1FBQzlCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyx5QkFBeUIsQ0FBQyxDQUFDO0lBQzVDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxjQUFjO1FBQ25CLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxjQUFjLENBQUMsQ0FBQztJQUNqQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksb0NBQW9DO1FBQ3pDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxvQ0FBb0MsQ0FBQyxDQUFDO0lBQ3ZELENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxxQkFBcUI7UUFDMUIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHFCQUFxQixDQUFDLENBQUM7SUFDeEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLHNDQUFzQztRQUMzQyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsc0NBQXNDLENBQUMsQ0FBQztJQUN6RCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksd0JBQXdCO1FBQzdCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyx3QkFBd0IsQ0FBQyxDQUFDO0lBQzNDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSx5QkFBeUI7UUFDOUIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHlCQUF5QixDQUFDLENBQUM7SUFDNUMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLHNCQUFzQjtRQUMzQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsc0JBQXNCLENBQUMsQ0FBQztJQUN6QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksYUFBYTtRQUNsQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsYUFBYSxDQUFDLENBQUM7SUFDaEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLG1CQUFtQjtRQUN4QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsbUJBQW1CLENBQUMsQ0FBQztJQUN0QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0kscUNBQXFDO1FBQzFDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxxQ0FBcUMsQ0FBQyxDQUFDO0lBQ3hELENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxxQkFBcUI7UUFDMUIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHFCQUFxQixDQUFDLENBQUM7SUFDeEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGlCQUFpQjtRQUN0QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsaUJBQWlCLENBQUMsQ0FBQztJQUNwQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksa0JBQWtCO1FBQ3ZCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxrQkFBa0IsQ0FBQyxDQUFDO0lBQ3JDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxXQUFXO1FBQ2hCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxXQUFXLENBQUMsQ0FBQztJQUM5QixDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksb0JBQW9CO1FBQ3pCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxvQkFBb0IsQ0FBQyxDQUFDO0lBQ3ZDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSx3QkFBd0I7UUFDN0IsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHdCQUF3QixDQUFDLENBQUM7SUFDM0MsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLDZCQUE2QjtRQUNsQyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsNkJBQTZCLENBQUMsQ0FBQztJQUNoRCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0kseUNBQXlDO1FBQzlDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyx5Q0FBeUMsQ0FBQyxDQUFDO0lBQzVELENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxrQ0FBa0M7UUFDdkMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGtDQUFrQyxDQUFDLENBQUM7SUFDckQsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLG9CQUFvQjtRQUN6QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsb0JBQW9CLENBQUMsQ0FBQztJQUN2QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksZ0JBQWdCO1FBQ3JCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDO0lBQ25DLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxnQkFBZ0I7UUFDckIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGdCQUFnQixDQUFDLENBQUM7SUFDbkMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGdDQUFnQztRQUNyQyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsZ0NBQWdDLENBQUMsQ0FBQztJQUNuRCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksd0JBQXdCO1FBQzdCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyx3QkFBd0IsQ0FBQyxDQUFDO0lBQzNDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSwwQkFBMEI7UUFDL0IsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLDBCQUEwQixDQUFDLENBQUM7SUFDN0MsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLDJCQUEyQjtRQUNoQyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsMkJBQTJCLENBQUMsQ0FBQztJQUM5QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksY0FBYztRQUNuQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsY0FBYyxDQUFDLENBQUM7SUFDakMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLHFCQUFxQjtRQUMxQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMscUJBQXFCLENBQUMsQ0FBQztJQUN4QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksaUJBQWlCO1FBQ3RCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxpQkFBaUIsQ0FBQyxDQUFDO0lBQ3BDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSw0QkFBNEI7UUFDakMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLDRCQUE0QixDQUFDLENBQUM7SUFDL0MsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGFBQWE7UUFDbEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGFBQWEsQ0FBQyxDQUFDO0lBQ2hDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSwrQkFBK0I7UUFDcEMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLCtCQUErQixDQUFDLENBQUM7SUFDbEQsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLDhCQUE4QjtRQUNuQyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsOEJBQThCLENBQUMsQ0FBQztJQUNqRCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksK0JBQStCO1FBQ3BDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQywrQkFBK0IsQ0FBQyxDQUFDO0lBQ2xELENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxvQ0FBb0M7UUFDekMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLG9DQUFvQyxDQUFDLENBQUM7SUFDdkQsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLHFCQUFxQjtRQUMxQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMscUJBQXFCLENBQUMsQ0FBQztJQUN4QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksc0NBQXNDO1FBQzNDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxzQ0FBc0MsQ0FBQyxDQUFDO0lBQ3pELENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxxQ0FBcUM7UUFDMUMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHFDQUFxQyxDQUFDLENBQUM7SUFDeEQsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGlCQUFpQjtRQUN0QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsaUJBQWlCLENBQUMsQ0FBQztJQUNwQyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7T0FVRztJQUNJLGFBQWE7UUFDbEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGFBQWEsQ0FBQyxDQUFDO0lBQ2hDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSwwQkFBMEI7UUFDL0IsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLDBCQUEwQixDQUFDLENBQUM7SUFDN0MsQ0FBQztJQUVEOzs7Ozs7Ozs7T0FTRztJQUNJLGVBQWU7UUFDcEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGVBQWUsQ0FBQyxDQUFDO0lBQ2xDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxpQkFBaUI7UUFDdEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGlCQUFpQixDQUFDLENBQUM7SUFDcEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLHVDQUF1QztRQUM1QyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsdUNBQXVDLENBQUMsQ0FBQztJQUMxRCxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7T0FVRztJQUNJLHlCQUF5QjtRQUM5QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMseUJBQXlCLENBQUMsQ0FBQztJQUM1QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksMkJBQTJCO1FBQ2hDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQywyQkFBMkIsQ0FBQyxDQUFDO0lBQzlDLENBQUM7SUFFRDs7Ozs7Ozs7OztPQVVHO0lBQ0ksc0JBQXNCO1FBQzNCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxzQkFBc0IsQ0FBQyxDQUFDO0lBQ3pDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxvQkFBb0I7UUFDekIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLG9CQUFvQixDQUFDLENBQUM7SUFDdkMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLHFCQUFxQjtRQUMxQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMscUJBQXFCLENBQUMsQ0FBQztJQUN4QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksaUNBQWlDO1FBQ3RDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxpQ0FBaUMsQ0FBQyxDQUFDO0lBQ3BELENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSx1QkFBdUI7UUFDNUIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHVCQUF1QixDQUFDLENBQUM7SUFDMUMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGlDQUFpQztRQUN0QyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsaUNBQWlDLENBQUMsQ0FBQztJQUNwRCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksMkJBQTJCO1FBQ2hDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQywyQkFBMkIsQ0FBQyxDQUFDO0lBQzlDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxxQ0FBcUM7UUFDMUMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHFDQUFxQyxDQUFDLENBQUM7SUFDeEQsQ0FBQztJQThGRDs7Ozs7Ozs7Ozs7O09BWUc7SUFDSSxXQUFXLENBQUMsVUFBa0IsRUFBRSxPQUFnQixFQUFFLE1BQWUsRUFBRSxTQUFrQjtRQUMxRixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsT0FBUSxTQUFTLElBQUksSUFBSSxDQUFDLGdCQUFpQixXQUFZLE1BQU0sSUFBSSxJQUFJLENBQUMsYUFBYyxJQUFLLE9BQU8sSUFBSSxJQUFJLENBQUMsY0FBZSxlQUFnQixVQUFXLEVBQUUsQ0FBQyxDQUFDO0lBQ3hLLENBQUM7SUFFRDs7Ozs7Ozs7Ozs7O09BWUc7SUFDSSxtQkFBbUIsQ0FBQyxVQUFrQixFQUFFLE9BQWdCLEVBQUUsTUFBZSxFQUFFLFNBQWtCO1FBQ2xHLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxPQUFRLFNBQVMsSUFBSSxJQUFJLENBQUMsZ0JBQWlCLFdBQVksTUFBTSxJQUFJLElBQUksQ0FBQyxhQUFjLElBQUssT0FBTyxJQUFJLElBQUksQ0FBQyxjQUFlLHVCQUF3QixVQUFXLEVBQUUsQ0FBQyxDQUFDO0lBQ2hMLENBQUM7SUFFRDs7Ozs7Ozs7Ozs7O09BWUc7SUFDSSxzQkFBc0IsQ0FBQyxVQUFrQixFQUFFLE9BQWdCLEVBQUUsTUFBZSxFQUFFLFNBQWtCO1FBQ3JHLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxPQUFRLFNBQVMsSUFBSSxJQUFJLENBQUMsZ0JBQWlCLFdBQVksTUFBTSxJQUFJLElBQUksQ0