cdk-iam-floyd
Version:
AWS IAM policy statement generator with fluent interface for AWS CDK
1,177 lines • 115 kB
JavaScript
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.NetworkFirewall = void 0;
const shared_1 = require("../../shared");
/**
* Statement provider for service [network-firewall](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsnetworkfirewall.html).
*
* @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement
*/
class NetworkFirewall extends shared_1.PolicyStatement {
/**
* Grants permission to accept pending Network Firewall attachments on a transit gateway
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_AcceptNetworkFirewallTransitGatewayAttachment.html
*/
toAcceptNetworkFirewallTransitGatewayAttachment() {
return this.to('AcceptNetworkFirewallTransitGatewayAttachment');
}
/**
* Grants permission to associate availability zones to a firewall
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_AssociateAvailabilityZones.html
*/
toAssociateAvailabilityZones() {
return this.to('AssociateAvailabilityZones');
}
/**
* Grants permission to create an association between a firewall policy and a firewall
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_AssociateFirewallPolicy.html
*/
toAssociateFirewallPolicy() {
return this.to('AssociateFirewallPolicy');
}
/**
* Grants permission to associate VPC subnets to a firewall
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_AssociateSubnets.html
*/
toAssociateSubnets() {
return this.to('AssociateSubnets');
}
/**
* Grants permission to attach proxy rule groups to a proxy configuration
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_AttachRuleGroupsToProxyConfiguration.html
*/
toAttachRuleGroupsToProxyConfiguration() {
return this.to('AttachRuleGroupsToProxyConfiguration');
}
/**
* Grants permission to create an AWS Network Firewall firewall
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* Dependent actions:
* - iam:CreateServiceLinkedRole
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_CreateFirewall.html
*/
toCreateFirewall() {
return this.to('CreateFirewall');
}
/**
* Grants permission to create an AWS Network Firewall firewall policy
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_CreateFirewallPolicy.html
*/
toCreateFirewallPolicy() {
return this.to('CreateFirewallPolicy');
}
/**
* Grants permission to create an AWS Network Firewall proxy
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* Dependent actions:
* - ec2:AttachApplianceToNatGateway
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_CreateProxy.html
*/
toCreateProxy() {
return this.to('CreateProxy');
}
/**
* Grants permission to create an AWS Network Firewall proxy configuration
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_CreateProxyConfiguration.html
*/
toCreateProxyConfiguration() {
return this.to('CreateProxyConfiguration');
}
/**
* Grants permission to create an AWS Network Firewall proxy rule group
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_CreateProxyRuleGroup.html
*/
toCreateProxyRuleGroup() {
return this.to('CreateProxyRuleGroup');
}
/**
* Grants permission to add proxy rules to a proxy rule group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_CreateProxyRules.html
*/
toCreateProxyRules() {
return this.to('CreateProxyRules');
}
/**
* Grants permission to create an AWS Network Firewall rule group
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_CreateRuleGroup.html
*/
toCreateRuleGroup() {
return this.to('CreateRuleGroup');
}
/**
* Grants permission to create an AWS Network Firewall tls inspection configuration
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* Dependent actions:
* - iam:CreateServiceLinkedRole
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_CreateTLSInspectionConfiguration.html
*/
toCreateTLSInspectionConfiguration() {
return this.to('CreateTLSInspectionConfiguration');
}
/**
* Grants permission to create an AWS Network Firewall vpc endpoint association
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* Dependent actions:
* - iam:CreateServiceLinkedRole
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_CreateVpcEndpointAssociation.html
*/
toCreateVpcEndpointAssociation() {
return this.to('CreateVpcEndpointAssociation');
}
/**
* Grants permission to delete a firewall
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteFirewall.html
*/
toDeleteFirewall() {
return this.to('DeleteFirewall');
}
/**
* Grants permission to delete a firewall policy
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteFirewallPolicy.html
*/
toDeleteFirewallPolicy() {
return this.to('DeleteFirewallPolicy');
}
/**
* Grants permission to delete Network Firewall attachments on a transit gateway
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteNetworkFirewallTransitGatewayAttachment.html
*/
toDeleteNetworkFirewallTransitGatewayAttachment() {
return this.to('DeleteNetworkFirewallTransitGatewayAttachment');
}
/**
* Grants permission to delete a proxy
*
* Access Level: Write
*
* Dependent actions:
* - ec2:DetachApplianceFromNatGateway
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteProxy.html
*/
toDeleteProxy() {
return this.to('DeleteProxy');
}
/**
* Grants permission to delete a proxy configuration
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteProxyConfiguration.html
*/
toDeleteProxyConfiguration() {
return this.to('DeleteProxyConfiguration');
}
/**
* Grants permission to delete a proxy rule group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteProxyRuleGroup.html
*/
toDeleteProxyRuleGroup() {
return this.to('DeleteProxyRuleGroup');
}
/**
* Grants permission to remove proxy rules from a proxy rule group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteProxyRules.html
*/
toDeleteProxyRules() {
return this.to('DeleteProxyRules');
}
/**
* Grants permission to delete a resource policy for a firewall policy or rule group or firewall
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteResourcePolicy.html
*/
toDeleteResourcePolicy() {
return this.to('DeleteResourcePolicy');
}
/**
* Grants permission to delete a rule group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteRuleGroup.html
*/
toDeleteRuleGroup() {
return this.to('DeleteRuleGroup');
}
/**
* Grants permission to delete a tls inspection configuration
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteTLSInspectionConfiguration.html
*/
toDeleteTLSInspectionConfiguration() {
return this.to('DeleteTLSInspectionConfiguration');
}
/**
* Grants permission to delete a vpc endpoint association
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteVpcEndpointAssociation.html
*/
toDeleteVpcEndpointAssociation() {
return this.to('DeleteVpcEndpointAssociation');
}
/**
* Grants permission to retrieve the data objects that define a firewall
*
* Access Level: Read
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeFirewall.html
*/
toDescribeFirewall() {
return this.to('DescribeFirewall');
}
/**
* Grants permission to retrieve the high-level information about a firewall
*
* Access Level: Read
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeFirewallMetadata.html
*/
toDescribeFirewallMetadata() {
return this.to('DescribeFirewallMetadata');
}
/**
* Grants permission to retrieve the data objects that define a firewall policy
*
* Access Level: Read
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeFirewallPolicy.html
*/
toDescribeFirewallPolicy() {
return this.to('DescribeFirewallPolicy');
}
/**
* Grants permission to describe a flow operation performed on a firewall
*
* Access Level: Read
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeFlowOperation.html
*/
toDescribeFlowOperation() {
return this.to('DescribeFlowOperation');
}
/**
* Grants permission to describe the logging configuration of a firewall
*
* Access Level: Read
*
* Dependent actions:
* - logs:GetLogDelivery
* - logs:ListLogDeliveries
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeLoggingConfiguration.html
*/
toDescribeLoggingConfiguration() {
return this.to('DescribeLoggingConfiguration');
}
/**
* Grants permission to retrieve the data objects that define a proxy
*
* Access Level: Read
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeProxy.html
*/
toDescribeProxy() {
return this.to('DescribeProxy');
}
/**
* Grants permission to retrieve the data objects that define a proxy configuration
*
* Access Level: Read
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeProxyConfiguration.html
*/
toDescribeProxyConfiguration() {
return this.to('DescribeProxyConfiguration');
}
/**
* Grants permission to retrieve the data objects that define a proxy rule
*
* Access Level: Read
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeProxyRule.html
*/
toDescribeProxyRule() {
return this.to('DescribeProxyRule');
}
/**
* Grants permission to retrieve the data objects that define a proxy rule group
*
* Access Level: Read
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeProxyRuleGroup.html
*/
toDescribeProxyRuleGroup() {
return this.to('DescribeProxyRuleGroup');
}
/**
* Grants permission to describe a resource policy for a firewall policy or rule group or firewall
*
* Access Level: Read
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeResourcePolicy.html
*/
toDescribeResourcePolicy() {
return this.to('DescribeResourcePolicy');
}
/**
* Grants permission to retrieve the data objects that define a rule group
*
* Access Level: Read
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeRuleGroup.html
*/
toDescribeRuleGroup() {
return this.to('DescribeRuleGroup');
}
/**
* Grants permission to retrieve the high-level information about a rule group
*
* Access Level: Read
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeRuleGroupMetadata.html
*/
toDescribeRuleGroupMetadata() {
return this.to('DescribeRuleGroupMetadata');
}
/**
* Grants permission to retrieve the summary information about a rule group
*
* Access Level: Read
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeRuleGroupSummary.html
*/
toDescribeRuleGroupSummary() {
return this.to('DescribeRuleGroupSummary');
}
/**
* Grants permission to retrieve the data objects that define a tls inspection configuration
*
* Access Level: Read
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeTLSInspectionConfiguration.html
*/
toDescribeTLSInspectionConfiguration() {
return this.to('DescribeTLSInspectionConfiguration');
}
/**
* Grants permission to retrieve the data objects that define a vpc endpoint association
*
* Access Level: Read
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeVpcEndpointAssociation.html
*/
toDescribeVpcEndpointAssociation() {
return this.to('DescribeVpcEndpointAssociation');
}
/**
* Grants permission to detach proxy rule groups from a proxy configuration
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DetachRuleGroupsFromProxyConfiguration.html
*/
toDetachRuleGroupsFromProxyConfiguration() {
return this.to('DetachRuleGroupsFromProxyConfiguration');
}
/**
* Grants permission to disassociate availability zones to a firewall
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DisassociateAvailabilityZones.html
*/
toDisassociateAvailabilityZones() {
return this.to('DisassociateAvailabilityZones');
}
/**
* Grants permission to disassociate VPC subnets from a firewall
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DisassociateSubnets.html
*/
toDisassociateSubnets() {
return this.to('DisassociateSubnets');
}
/**
* Grants permission to retrieve analysis report results of a firewall
*
* Access Level: Read
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_GetAnalysisReportResults.html
*/
toGetAnalysisReportResults() {
return this.to('GetAnalysisReportResults');
}
/**
* Grants permission to list firewall analysis reports
*
* Access Level: List
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListAnalysisReports.html
*/
toListAnalysisReports() {
return this.to('ListAnalysisReports');
}
/**
* Grants permission to retrieve the metadata for firewall policies
*
* Access Level: List
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListFirewallPolicies.html
*/
toListFirewallPolicies() {
return this.to('ListFirewallPolicies');
}
/**
* Grants permission to retrieve the metadata for firewalls
*
* Access Level: List
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListFirewalls.html
*/
toListFirewalls() {
return this.to('ListFirewalls');
}
/**
* Grants permission to list results from a flow operation performed on a firewall
*
* Access Level: Read
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListFlowOperationResults.html
*/
toListFlowOperationResults() {
return this.to('ListFlowOperationResults');
}
/**
* Grants permission to list flow operations performed on a firewall
*
* Access Level: List
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListFlowOperations.html
*/
toListFlowOperations() {
return this.to('ListFlowOperations');
}
/**
* Grants permission to retrieve the metadata for proxies
*
* Access Level: List
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListProxies.html
*/
toListProxies() {
return this.to('ListProxies');
}
/**
* Grants permission to retrieve the metadata for proxy configurations
*
* Access Level: List
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListProxyConfigurations.html
*/
toListProxyConfigurations() {
return this.to('ListProxyConfigurations');
}
/**
* Grants permission to retrieve the metadata for proxy rule groups
*
* Access Level: List
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListProxyRuleGroups.html
*/
toListProxyRuleGroups() {
return this.to('ListProxyRuleGroups');
}
/**
* Grants permission to retrieve the metadata for rule groups
*
* Access Level: List
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListRuleGroups.html
*/
toListRuleGroups() {
return this.to('ListRuleGroups');
}
/**
* Grants permission to retrieve the metadata for tls inspection configurations
*
* Access Level: List
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListTLSInspectionConfigurations.html
*/
toListTLSInspectionConfigurations() {
return this.to('ListTLSInspectionConfigurations');
}
/**
* Grants permission to retrieve the tags for a resource
*
* Access Level: List
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListTagsForResource.html
*/
toListTagsForResource() {
return this.to('ListTagsForResource');
}
/**
* Grants permission to retrieve the metadata for vpc endpoint associations
*
* Access Level: List
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListVpcEndpointAssociations.html
*/
toListVpcEndpointAssociations() {
return this.to('ListVpcEndpointAssociations');
}
/**
* Grants permission to put a resource policy for a firewall policy or rule group or firewall
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_PutResourcePolicy.html
*/
toPutResourcePolicy() {
return this.to('PutResourcePolicy');
}
/**
* Grants permission to reject pending Network Firewall attachments on a transit gateway
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_RejectNetworkFirewallTransitGatewayAttachment.html
*/
toRejectNetworkFirewallTransitGatewayAttachment() {
return this.to('RejectNetworkFirewallTransitGatewayAttachment');
}
/**
* Grants permission to start an analysis report on a firewall
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_GetAnalysisReportResults.html
*/
toStartAnalysisReport() {
return this.to('StartAnalysisReport');
}
/**
* Grants permission to start capture operation on a firewall
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_StartFlowCapture.html
*/
toStartFlowCapture() {
return this.to('StartFlowCapture');
}
/**
* Grants permission to start flush operation on a firewall
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_StartFlowFlush.html
*/
toStartFlowFlush() {
return this.to('StartFlowFlush');
}
/**
* Grants permission to attach tags to a resource
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_TagResource.html
*/
toTagResource() {
return this.to('TagResource');
}
/**
* Grants permission to remove tags from a resource
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UntagResource.html
*/
toUntagResource() {
return this.to('UntagResource');
}
/**
* Grants permission to add or remove availability zone change protection for a firewall
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateAvailabilityZoneChangeProtection.html
*/
toUpdateAvailabilityZoneChangeProtection() {
return this.to('UpdateAvailabilityZoneChangeProtection');
}
/**
* Grants permission to modify firewall analysis settings of a firewall
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateFirewallAnalysisSettings.html
*/
toUpdateFirewallAnalysisSettings() {
return this.to('UpdateFirewallAnalysisSettings');
}
/**
* Grants permission to add or remove delete protection for a firewall
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateFirewallDeleteProtection.html
*/
toUpdateFirewallDeleteProtection() {
return this.to('UpdateFirewallDeleteProtection');
}
/**
* Grants permission to modify the description for a firewall
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateFirewallDescription.html
*/
toUpdateFirewallDescription() {
return this.to('UpdateFirewallDescription');
}
/**
* Grants permission to modify the encryption configuration of a firewall
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateFirewallEncryptionConfiguration.html
*/
toUpdateFirewallEncryptionConfiguration() {
return this.to('UpdateFirewallEncryptionConfiguration');
}
/**
* Grants permission to modify a firewall policy
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateFirewallPolicy.html
*/
toUpdateFirewallPolicy() {
return this.to('UpdateFirewallPolicy');
}
/**
* Grants permission to add or remove firewall policy change protection for a firewall
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateFirewallPolicyChangeProtection.html
*/
toUpdateFirewallPolicyChangeProtection() {
return this.to('UpdateFirewallPolicyChangeProtection');
}
/**
* Grants permission to modify the logging configuration of a firewall
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateLoggingConfiguration.html
*/
toUpdateLoggingConfiguration() {
return this.to('UpdateLoggingConfiguration');
}
/**
* Grants permission to modify a proxy
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateProxy.html
*/
toUpdateProxy() {
return this.to('UpdateProxy');
}
/**
* Grants permission to modify a proxy configuration
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateProxyConfiguration.html
*/
toUpdateProxyConfiguration() {
return this.to('UpdateProxyConfiguration');
}
/**
* Grants permission to update an existing proxy rule on a proxy rule group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateProxyRule.html
*/
toUpdateProxyRule() {
return this.to('UpdateProxyRule');
}
/**
* Grants permission to modify rule group priorities on a proxy configuration
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateProxyRuleGroupPriorities.html
*/
toUpdateProxyRuleGroupPriorities() {
return this.to('UpdateProxyRuleGroupPriorities');
}
/**
* Grants permission to update proxy rule priorities within a proxy rule group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateProxyRulePriorities.html
*/
toUpdateProxyRulePriorities() {
return this.to('UpdateProxyRulePriorities');
}
/**
* Grants permission to modify a rule group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateRuleGroup.html
*/
toUpdateRuleGroup() {
return this.to('UpdateRuleGroup');
}
/**
* Grants permission to add or remove subnet change protection for a firewall
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateSubnetChangeProtection.html
*/
toUpdateSubnetChangeProtection() {
return this.to('UpdateSubnetChangeProtection');
}
/**
* Grants permission to modify a tls inspection configuration
*
* Access Level: Write
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateTLSInspectionConfiguration.html
*/
toUpdateTLSInspectionConfiguration() {
return this.to('UpdateTLSInspectionConfiguration');
}
/**
* Adds a resource of type Firewall to the statement
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_Firewall.html
*
* @param name - Identifier for the name.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onFirewall(name, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:network-firewall:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:firewall/${name}`);
}
/**
* Adds a resource of type FirewallPolicy to the statement
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_FirewallPolicyResponse.html
*
* @param name - Identifier for the name.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onFirewallPolicy(name, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:network-firewall:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:firewall-policy/${name}`);
}
/**
* Adds a resource of type StatefulRuleGroup to the statement
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_RuleGroupResponse.html
*
* @param name - Identifier for the name.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onStatefulRuleGroup(name, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:network-firewall:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:stateful-rulegroup/${name}`);
}
/**
* Adds a resource of type StatelessRuleGroup to the statement
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_RuleGroupResponse.html
*
* @param name - Identifier for the name.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onStatelessRuleGroup(name, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:network-firewall:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:stateless-rulegroup/${name}`);
}
/**
* Adds a resource of type TLSInspectionConfiguration to the statement
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_TLSInspectionConfigurationResponse.html
*
* @param name - Identifier for the name.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onTLSInspectionConfiguration(name, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:network-firewall:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:tls-configuration/${name}`);
}
/**
* Adds a resource of type VpcEndpointAssociation to the statement
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_VpcEndpointAssociation.html
*
* @param name - Identifier for the name.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onVpcEndpointAssociation(name, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:network-firewall:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:vpc-endpoint-association/${name}`);
}
/**
* Adds a resource of type ProxyRuleGroup to the statement
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ProxyRuleGroup.html
*
* @param name - Identifier for the name.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onProxyRuleGroup(name, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:network-firewall:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:proxy-rule-group/${name}`);
}
/**
* Adds a resource of type ProxyConfiguration to the statement
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ProxyConfiguration.html
*
* @param name - Identifier for the name.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onProxyConfiguration(name, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:network-firewall:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:proxy-configuration/${name}`);
}
/**
* Adds a resource of type Proxy to the statement
*
* https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_Proxy.html
*
* @param name - Identifier for the name.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onProxy(name, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:network-firewall:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:proxy/${name}`);
}
/**
* Filters access by on the allowed set of values for each of the tags
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag
*
* Applies to actions:
* - .toAssociateFirewallPolicy()
* - .toCreateFirewall()
* - .toCreateFirewallPolicy()
* - .toCreateProxy()
* - .toCreateProxyConfiguration()
* - .toCreateProxyRuleGroup()
* - .toCreateRuleGroup()
* - .toCreateTLSInspectionConfiguration()
* - .toCreateVpcEndpointAssociation()
* - .toTagResource()
*
* @param tagKey The tag key to check
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsRequestTag(tagKey, value, operator) {
return this.if(`aws:RequestTag/${tagKey}`, value, operator ?? 'StringLike');
}
/**
* Filters access by the tag value associated with the resource
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag
*
* Applies to resource types:
* - Firewall
* - FirewallPolicy
* - StatefulRuleGroup
* - StatelessRuleGroup
* - TLSInspectionConfiguration
* - VpcEndpointAssociation
* - ProxyRuleGroup
* - ProxyConfiguration
* - Proxy
*
* @param tagKey The tag key to check
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsResourceTag(tagKey, value, operator) {
return this.if(`aws:ResourceTag/${tagKey}`, value, operator ?? 'StringLike');
}
/**
* Filters access by the presence of mandatory tags in the request
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys
*
* Applies to actions:
* - .toAssociateFirewallPolicy()
* - .toCreateFirewall()
* - .toCreateFirewallPolicy()
* - .toCreateProxy()
* - .toCreateProxyConfiguration()
* - .toCreateProxyRuleGroup()
* - .toCreateRuleGroup()
* - .toCreateTLSInspectionConfiguration()
* - .toCreateVpcEndpointAssociation()
* - .toTagResource()
* - .toUntagResource()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsTagKeys(value, operator) {
return this.if(`aws:TagKeys`, value, operator ?? 'StringLike');
}
/**
* Statement provider for service [network-firewall](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsnetworkfirewall.html).
*
*/
constructor(props) {
super(props);
this.servicePrefix = 'network-firewall';
this.accessLevelList = {
Write: [
'AcceptNetworkFirewallTransitGatewayAttachment',
'AssociateAvailabilityZones',
'AssociateFirewallPolicy',
'AssociateSubnets',
'AttachRuleGroupsToProxyConfiguration',
'CreateFirewall',
'CreateFirewallPolicy',
'CreateProxy',
'CreateProxyConfiguration',
'CreateProxyRuleGroup',
'CreateProxyRules',
'CreateRuleGroup',
'CreateTLSInspectionConfiguration',
'CreateVpcEndpointAssociation',
'DeleteFirewall',
'DeleteFirewallPolicy',
'DeleteNetworkFirewallTransitGatewayAttachment',
'DeleteProxy',
'DeleteProxyConfiguration',
'DeleteProxyRuleGroup',
'DeleteProxyRules',
'DeleteResourcePolicy',
'DeleteRuleGroup',
'DeleteTLSInspectionConfiguration',
'DeleteVpcEndpointAssociation',
'DetachRuleGroupsFromProxyConfiguration',
'DisassociateAvailabilityZones',
'DisassociateSubnets',
'PutResourcePolicy',
'RejectNetworkFirewallTransitGatewayAttachment',
'StartAnalysisReport',
'StartFlowCapture',
'StartFlowFlush',
'UpdateAvailabilityZoneChangeProtection',
'UpdateFirewallAnalysisSettings',
'UpdateFirewallDeleteProtection',
'UpdateFirewallDescription',
'UpdateFirewallEncryptionConfiguration',
'UpdateFirewallPolicy',
'UpdateFirewallPolicyChangeProtection',
'UpdateLoggingConfiguration',
'UpdateProxy',
'UpdateProxyConfiguration',
'UpdateProxyRule',
'UpdateProxyRuleGroupPriorities',
'UpdateProxyRulePriorities',
'UpdateRuleGroup',
'UpdateSubnetChangeProtection',
'UpdateTLSInspectionConfiguration'
],
Read: [
'DescribeFirewall',
'DescribeFirewallMetadata',
'DescribeFirewallPolicy',
'DescribeFlowOperation',
'DescribeLoggingConfiguration',
'DescribeProxy',
'DescribeProxyConfiguration',
'DescribeProxyRule',
'DescribeProxyRuleGroup',
'DescribeResourcePolicy',
'DescribeRuleGroup',
'DescribeRuleGroupMetadata',
'DescribeRuleGroupSummary',
'DescribeTLSInspectionConfiguration',
'DescribeVpcEndpointAssociation',
'GetAnalysisReportResults',
'ListFlowOperationResults'
],
List: [
'ListAnalysisReports',
'ListFirewallPolicies',
'ListFirewalls',
'ListFlowOperations',
'ListProxies',
'ListProxyConfigurations',
'ListProxyRuleGroups',
'ListRuleGroups',
'ListTLSInspectionConfigurations',
'ListTagsForResource',
'ListVpcEndpointAssociations'
],
Tagging: [
'TagResource',
'UntagResource'
]
};
}
}
exports.NetworkFirewall = NetworkFirewall;
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibmV0d29ya2ZpcmV3YWxsLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsibmV0d29ya2ZpcmV3YWxsLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUNBLHlDQUF5RDtBQUd6RDs7OztHQUlHO0FBQ0gsTUFBYSxlQUFnQixTQUFRLHdCQUFlO0lBR2xEOzs7Ozs7T0FNRztJQUNJLCtDQUErQztRQUNwRCxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsK0NBQStDLENBQUMsQ0FBQztJQUNsRSxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksNEJBQTRCO1FBQ2pDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyw0QkFBNEIsQ0FBQyxDQUFDO0lBQy9DLENBQUM7SUFFRDs7Ozs7Ozs7OztPQVVHO0lBQ0kseUJBQXlCO1FBQzlCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyx5QkFBeUIsQ0FBQyxDQUFDO0lBQzVDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxrQkFBa0I7UUFDdkIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGtCQUFrQixDQUFDLENBQUM7SUFDckMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLHNDQUFzQztRQUMzQyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsc0NBQXNDLENBQUMsQ0FBQztJQUN6RCxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7Ozs7T0FhRztJQUNJLGdCQUFnQjtRQUNyQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsZ0JBQWdCLENBQUMsQ0FBQztJQUNuQyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7T0FVRztJQUNJLHNCQUFzQjtRQUMzQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsc0JBQXNCLENBQUMsQ0FBQztJQUN6QyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7Ozs7T0FhRztJQUNJLGFBQWE7UUFDbEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGFBQWEsQ0FBQyxDQUFDO0lBQ2hDLENBQUM7SUFFRDs7Ozs7Ozs7OztPQVVHO0lBQ0ksMEJBQTBCO1FBQy9CLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQywwQkFBMEIsQ0FBQyxDQUFDO0lBQzdDLENBQUM7SUFFRDs7Ozs7Ozs7OztPQVVHO0lBQ0ksc0JBQXNCO1FBQzNCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxzQkFBc0IsQ0FBQyxDQUFDO0lBQ3pDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxrQkFBa0I7UUFDdkIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGtCQUFrQixDQUFDLENBQUM7SUFDckMsQ0FBQztJQUVEOzs7Ozs7Ozs7O09BVUc7SUFDSSxpQkFBaUI7UUFDdEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGlCQUFpQixDQUFDLENBQUM7SUFDcEMsQ0FBQztJQUVEOzs7Ozs7Ozs7Ozs7O09BYUc7SUFDSSxrQ0FBa0M7UUFDdkMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGtDQUFrQyxDQUFDLENBQUM7SUFDckQsQ0FBQztJQUVEOzs7Ozs7Ozs7Ozs7O09BYUc7SUFDSSw4QkFBOEI7UUFDbkMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLDhCQUE4QixDQUFDLENBQUM7SUFDakQsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGdCQUFnQjtRQUNyQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsZ0JBQWdCLENBQUMsQ0FBQztJQUNuQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksc0JBQXNCO1FBQzNCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxzQkFBc0IsQ0FBQyxDQUFDO0lBQ3pDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSwrQ0FBK0M7UUFDcEQsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLCtDQUErQyxDQUFDLENBQUM7SUFDbEUsQ0FBQztJQUVEOzs7Ozs7Ozs7T0FTRztJQUNJLGFBQWE7UUFDbEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGFBQWEsQ0FBQyxDQUFDO0lBQ2hDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSwwQkFBMEI7UUFDL0IsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLDBCQUEwQixDQUFDLENBQUM7SUFDN0MsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLHNCQUFzQjtRQUMzQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsc0JBQXNCLENBQUMsQ0FBQztJQUN6QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksa0JBQWtCO1FBQ3ZCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxrQkFBa0IsQ0FBQyxDQUFDO0lBQ3JDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxzQkFBc0I7UUFDM0IsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHNCQUFzQixDQUFDLENBQUM7SUFDekMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGlCQUFpQjtRQUN0QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsaUJBQWlCLENBQUMsQ0FBQztJQUNwQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksa0NBQWtDO1FBQ3ZDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxrQ0FBa0MsQ0FBQyxDQUFDO0lBQ3JELENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSw4QkFBOEI7UUFDbkMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLDhCQUE4QixDQUFDLENBQUM7SUFDakQsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGtCQUFrQjtRQUN2QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsa0JBQWtCLENBQUMsQ0FBQztJQUNyQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksMEJBQTBCO1FBQy9CLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQywwQkFBMEIsQ0FBQyxDQUFDO0lBQzdDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSx3QkFBd0I7UUFDN0IsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHdCQUF3QixDQUFDLENBQUM7SUFDM0MsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLHVCQUF1QjtRQUM1QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsdUJBQXVCLENBQUMsQ0FBQztJQUMxQyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7T0FVRztJQUNJLDhCQUE4QjtRQUNuQyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsOEJBQThCLENBQUMsQ0FBQztJQUNqRCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksZUFBZTtRQUNwQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsZUFBZSxDQUFDLENBQUM7SUFDbEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLDRCQUE0QjtRQUNqQyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsNEJBQTRCLENBQUMsQ0FBQztJQUMvQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksbUJBQW1CO1FBQ3hCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxtQkFBbUIsQ0FBQyxDQUFDO0lBQ3RDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSx3QkFBd0I7UUFDN0IsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHdCQUF3QixDQUFDLENBQUM7SUFDM0MsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLHdCQUF3QjtRQUM3QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsd0JBQXdCLENBQUMsQ0FBQztJQUMzQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksbUJBQW1CO1FBQ3hCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxtQkFBbUIsQ0FBQyxDQUFDO0lBQ3RDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSwyQkFBMkI7UUFDaEMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLDJCQUEyQixDQUFDLENBQUM7SUFDOUMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLDBCQUEwQjtRQUMvQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsMEJBQTBCLENBQUMsQ0FBQztJQUM3QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksb0NBQW9DO1FBQ3pDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxvQ0FBb0MsQ0FBQyxDQUFDO0lBQ3ZELENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxnQ0FBZ0M7UUFDckMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGdDQUFnQyxDQUFDLENBQUM7SUFDbkQsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLHdDQUF3QztRQUM3QyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsd0NBQXdDLENBQUMsQ0FBQztJQUMzRCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksK0JBQStCO1FBQ3BDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQywrQkFBK0IsQ0FBQyxDQUFDO0lBQ2xELENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxxQkFBcUI7UUFDMUIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHFCQUFxQixDQUFDLENBQUM7SUFDeEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLDBCQUEwQjtRQUMvQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsMEJBQTBCLENBQUMsQ0FBQztJQUM3QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0kscUJBQXFCO1FBQzFCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxxQkFBcUIsQ0FBQyxDQUFDO0lBQ3hDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxzQkFBc0I7UUFDM0IsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHNCQUFzQixDQUFDLENBQUM7SUFDekMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGVBQWU7UUFDcEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGVBQWUsQ0FBQyxDQUFDO0lBQ2xDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSwwQkFBMEI7UUFDL0IsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLDBCQUEwQixDQUFDLENBQUM7SUFDN0MsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLG9CQUFvQjtRQUN6QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsb0JBQW9CLENBQUMsQ0FBQztJQUN2QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksYUFBYTtRQUNsQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsYUFBYSxDQUFDLENBQUM7SUFDaEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLHlCQUF5QjtRQUM5QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMseUJBQXlCLENBQUMsQ0FBQztJQUM1QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0kscUJBQXFCO1FBQzFCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxxQkFBcUIsQ0FBQyxDQUFDO0lBQ3hDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxnQkFBZ0I7UUFDckIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGdCQUFnQixDQUFDLENBQUM7SUFDbkMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGlDQUFpQztRQUN0QyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsaUNBQWlDLENBQUMsQ0FBQztJQUNwRCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0kscUJBQX