cdk-iam-floyd
Version:
AWS IAM policy statement generator with fluent interface for AWS CDK
888 lines • 83.8 kB
JavaScript
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.PaymentCryptography = void 0;
const shared_1 = require("../../shared");
/**
* Statement provider for service [payment-cryptography](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awspaymentcryptography.html).
*
* @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement
*/
class PaymentCryptography extends shared_1.PolicyStatement {
/**
* Grants permission to add replication regions to an existing AWS Payment Cryptography key
*
* Access Level: Write
*
* Possible conditions:
* - .ifRequestAlias()
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_AddKeyReplicationRegions.html
*/
toAddKeyReplicationRegions() {
return this.to('AddKeyReplicationRegions');
}
/**
* Grants permission to associate an MPA approval team with a payment cryptography action
*
* Access Level: Write
*
* Dependent actions:
* - mpa:CancelSession
* - mpa:GetApprovalTeam
* - mpa:StartSession
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_AssociateMpaTeam.html
*/
toAssociateMpaTeam() {
return this.to('AssociateMpaTeam');
}
/**
* Grants permission to create a user-friendly name for a Key
*
* Access Level: Write
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateAlias.html
*/
toCreateAlias() {
return this.to('CreateAlias');
}
/**
* Grants permission to create a unique customer managed key in the caller's AWS account and region
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifKeyClass()
* - .ifKeyUsage()
* - .ifKeyAlgorithm()
*
* Dependent actions:
* - payment-cryptography:TagResource
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateKey.html
*/
toCreateKey() {
return this.to('CreateKey');
}
/**
* Grants permission to decrypt ciphertext data to plaintext using symmetric, asymmetric or DUKPT data encryption key
*
* Access Level: Write
*
* Possible conditions:
* - .ifRequestAlias()
*
* https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_DecryptData.html
*/
toDecryptData() {
return this.to('DecryptData');
}
/**
* Grants permission to delete the specified alias
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_DeleteAlias.html
*/
toDeleteAlias() {
return this.to('DeleteAlias');
}
/**
* Grants permission to schedule the deletion of a Key
*
* Access Level: Write
*
* Possible conditions:
* - .ifRequestAlias()
*
* Dependent actions:
* - mpa:CancelSession
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_DeleteKey.html
*/
toDeleteKey() {
return this.to('DeleteKey');
}
/**
* Grants permission to delete the resource-based policy attached to a key
*
* Access Level: Permissions management
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_DeleteResourcePolicy.html
*/
toDeleteResourcePolicy() {
return this.to('DeleteResourcePolicy');
}
/**
* Grants permission to disable default key replication regions for account-level replication
*
* Access Level: Write
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_DisableDefaultKeyReplicationRegions.html
*/
toDisableDefaultKeyReplicationRegions() {
return this.to('DisableDefaultKeyReplicationRegions');
}
/**
* Grants permission to disassociate an MPA approval team from a payment cryptography action
*
* Access Level: Write
*
* Dependent actions:
* - mpa:CancelSession
* - mpa:StartSession
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_DisassociateMpaTeam.html
*/
toDisassociateMpaTeam() {
return this.to('DisassociateMpaTeam');
}
/**
* Grants permission to enable default key replication regions for account-level replication
*
* Access Level: Write
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_EnableDefaultKeyReplicationRegions.html
*/
toEnableDefaultKeyReplicationRegions() {
return this.to('EnableDefaultKeyReplicationRegions');
}
/**
* Grants permission to encrypt plaintext data to ciphertext using symmetric, asymmetric or DUKPT data encryption key
*
* Access Level: Write
*
* Possible conditions:
* - .ifRequestAlias()
*
* https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_EncryptData.html
*/
toEncryptData() {
return this.to('EncryptData');
}
/**
* Grants permission to export a key from the service
*
* Access Level: Write
*
* Possible conditions:
* - .ifRequestAlias()
* - .ifCertificateAuthorityPublicKeyIdentifier()
* - .ifWrappingKeyIdentifier()
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ExportKey.html
*/
toExportKey() {
return this.to('ExportKey');
}
/**
* Grants permission to generate a KekValidationRequest or a KekValidationResponse for node-to-node initialization between payment processing nodes using Australian Standard 2805 (AS2805)
*
* Access Level: Write
*
* Possible conditions:
* - .ifRequestAlias()
*
* https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_GenerateAs2805KekValidation.html
*/
toGenerateAs2805KekValidation() {
return this.to('GenerateAs2805KekValidation');
}
/**
* Grants permission to generate card-related data using algorithms such as Card Verification Values (CVV/CVV2), Dynamic Card Verification Values (dCVV/dCVV2) or Card Security Codes (CSC) that check the validity of a magnetic stripe card
*
* Access Level: Write
*
* Possible conditions:
* - .ifRequestAlias()
*
* https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_GenerateCardValidationData.html
*/
toGenerateCardValidationData() {
return this.to('GenerateCardValidationData');
}
/**
* Grants permission to generate a MAC (Message Authentication Code) cryptogram
*
* Access Level: Write
*
* Possible conditions:
* - .ifRequestAlias()
*
* https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_GenerateMac.html
*/
toGenerateMac() {
return this.to('GenerateMac');
}
/**
* Grants permission to generate a MAC (Message Authentication Code) cryptogram
*
* Access Level: Write
*
* Possible conditions:
* - .ifRequestAlias()
*
* https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_GenerateMacEmvPinChange.html
*/
toGenerateMacEmvPinChange() {
return this.to('GenerateMacEmvPinChange');
}
/**
* Grants permission to generate pin-related data such as PIN, PIN Verification Value (PVV), PIN Block and PIN Offset during new card issuance or card re-issuance
*
* Access Level: Write
*
* Possible conditions:
* - .ifRequestAlias()
*
* https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_GeneratePinData.html
*/
toGeneratePinData() {
return this.to('GeneratePinData');
}
/**
* Grants permission to return the keyArn associated with an aliasName
*
* Access Level: Read
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetAlias.html
*/
toGetAlias() {
return this.to('GetAlias');
}
/**
* Grants permission to return the Certificate Signing Request for a public key from a key of class PUBLIC_KEY
*
* Access Level: Read
*
* Possible conditions:
* - .ifRequestAlias()
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetCertificateSigningRequest.html
*/
toGetCertificateSigningRequest() {
return this.to('GetCertificateSigningRequest');
}
/**
* Grants permission to retrieve the default key replication regions configured at the account level
*
* Access Level: Read
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetDefaultKeyReplicationRegions.html
*/
toGetDefaultKeyReplicationRegions() {
return this.to('GetDefaultKeyReplicationRegions');
}
/**
* Grants permission to return the detailed information about the specified key
*
* Access Level: Read
*
* Possible conditions:
* - .ifRequestAlias()
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetKey.html
*/
toGetKey() {
return this.to('GetKey');
}
/**
* Grants permission to retrieve information about an MPA approval team association for a payment cryptography action
*
* Access Level: Read
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetMpaTeamAssociation.html
*/
toGetMpaTeamAssociation() {
return this.to('GetMpaTeamAssociation');
}
/**
* Grants permission to get the export token and the signing key certificate to initiate a TR-34 key export
*
* Access Level: Read
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetParametersForExport.html
*/
toGetParametersForExport() {
return this.to('GetParametersForExport');
}
/**
* Grants permission to get the import token and the wrapping key certificate to initiate a TR-34 key import
*
* Access Level: Read
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetParametersForImport.html
*/
toGetParametersForImport() {
return this.to('GetParametersForImport');
}
/**
* Grants permission to return the public key from a key of class PUBLIC_KEY
*
* Access Level: Read
*
* Possible conditions:
* - .ifRequestAlias()
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetPublicKeyCertificate.html
*/
toGetPublicKeyCertificate() {
return this.to('GetPublicKeyCertificate');
}
/**
* Grants permission to retrieve the resource-based policy attached to a key
*
* Access Level: Read
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetResourcePolicy.html
*/
toGetResourcePolicy() {
return this.to('GetResourcePolicy');
}
/**
* Grants permission to imports keys and public key certificates
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifImportKeyMaterial()
* - .ifCertificateAuthorityPublicKeyIdentifier()
* - .ifWrappingKeyIdentifier()
*
* Dependent actions:
* - mpa:StartSession
* - payment-cryptography:TagResource
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ImportKey.html
*/
toImportKey() {
return this.to('ImportKey');
}
/**
* Grants permission to return a list of aliases created for all keys in the caller's AWS account and Region
*
* Access Level: List
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ListAliases.html
*/
toListAliases() {
return this.to('ListAliases');
}
/**
* Grants permission to return a list of keys created in the caller's AWS account and Region
*
* Access Level: List
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ListKeys.html
*/
toListKeys() {
return this.to('ListKeys');
}
/**
* Grants permission to return a list of tags created in the caller's AWS account and Region
*
* Access Level: Read
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ListTagsForResource.html
*/
toListTagsForResource() {
return this.to('ListTagsForResource');
}
/**
* Grants permission to attach or replace a resource-based policy on a key
*
* Access Level: Permissions management
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_PutResourcePolicy.html
*/
toPutResourcePolicy() {
return this.to('PutResourcePolicy');
}
/**
* Grants permission to re-encrypt ciphertext using DUKPT, Symmetric and Asymmetric Data Encryption Keys
*
* Access Level: Write
*
* Possible conditions:
* - .ifRequestAlias()
*
* https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_ReEncryptData.html
*/
toReEncryptData() {
return this.to('ReEncryptData');
}
/**
* Grants permission to remove replication regions from an existing AWS Payment Cryptography key
*
* Access Level: Write
*
* Possible conditions:
* - .ifRequestAlias()
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_RemoveKeyReplicationRegions.html
*/
toRemoveKeyReplicationRegions() {
return this.to('RemoveKeyReplicationRegions');
}
/**
* Grants permission to cancel a scheduled key deletion if at any point during the waiting period a Key needs to be revived
*
* Access Level: Write
*
* Possible conditions:
* - .ifRequestAlias()
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_RestoreKey.html
*/
toRestoreKey() {
return this.to('RestoreKey');
}
/**
* Grants permission to enable a disabled Key
*
* Access Level: Write
*
* Possible conditions:
* - .ifRequestAlias()
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_StartKeyUsage.html
*/
toStartKeyUsage() {
return this.to('StartKeyUsage');
}
/**
* Grants permission to disable an enabled Key
*
* Access Level: Write
*
* Possible conditions:
* - .ifRequestAlias()
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_StopKeyUsage.html
*/
toStopKeyUsage() {
return this.to('StopKeyUsage');
}
/**
* Grants permission to add or overwrites one or more tags for the specified resource
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAwsTagKeys()
* - .ifAwsRequestTag()
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_TagResource.html
*/
toTagResource() {
return this.to('TagResource');
}
/**
* Grants permission to translate wrapping key type for a wrapped key
*
* Access Level: Write
*
* Possible conditions:
* - .ifRequestAlias()
*
* https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_TranslateKeyMaterial.html
*/
toTranslateKeyMaterial() {
return this.to('TranslateKeyMaterial');
}
/**
* Grants permission to translate encrypted PIN block from and to ISO 9564 formats 0,1,3,4
*
* Access Level: Write
*
* Possible conditions:
* - .ifRequestAlias()
*
* https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_TranslatePinData.html
*/
toTranslatePinData() {
return this.to('TranslatePinData');
}
/**
* Grants permission to remove the specified tag or tags from the specified resource
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_UntagResource.html
*/
toUntagResource() {
return this.to('UntagResource');
}
/**
* Grants permission to change the key to which an alias is assigned, or unassign it from its current key
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_UpdateAlias.html
*/
toUpdateAlias() {
return this.to('UpdateAlias');
}
/**
* Grants permission to verify Authorization Request Cryptogram (ARQC) for a EMV chip payment card authorization
*
* Access Level: Write
*
* Possible conditions:
* - .ifRequestAlias()
*
* https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_VerifyAuthRequestCryptogram.html
*/
toVerifyAuthRequestCryptogram() {
return this.to('VerifyAuthRequestCryptogram');
}
/**
* Grants permission to verify card-related validation data using algorithms such as Card Verification Values (CVV/CVV2), Dynamic Card Verification Values (dCVV/dCVV2) and Card Security Codes (CSC)
*
* Access Level: Write
*
* Possible conditions:
* - .ifRequestAlias()
*
* https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_VerifyCardValidationData.html
*/
toVerifyCardValidationData() {
return this.to('VerifyCardValidationData');
}
/**
* Grants permission to verify MAC (Message Authentication Code) of input data against a provided MAC
*
* Access Level: Write
*
* Possible conditions:
* - .ifRequestAlias()
*
* https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_VerifyMac.html
*/
toVerifyMac() {
return this.to('VerifyMac');
}
/**
* Grants permission to verify pin-related data such as PIN and PIN Offset using algorithms including VISA PVV and IBM3624
*
* Access Level: Write
*
* Possible conditions:
* - .ifRequestAlias()
*
* https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_VerifyPinData.html
*/
toVerifyPinData() {
return this.to('VerifyPinData');
}
/**
* Adds a resource of type key to the statement
*
* @param keyId - Identifier for the keyId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
* - .ifResourceAliases()
*/
onKey(keyId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:payment-cryptography:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:key/${keyId}`);
}
/**
* Adds a resource of type alias to the statement
*
* @param alias - Identifier for the alias.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifResourceAliases()
*/
onAlias(alias, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:payment-cryptography:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:alias/${alias}`);
}
/**
* Adds a resource of type approval-team to the statement
*
* https://docs.aws.amazon.com/mpa/latest/userguide/mpa-concepts.html
*
* @param approvalTeamId - Identifier for the approvalTeamId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onApprovalTeam(approvalTeamId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:mpa:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:approval-team/${approvalTeamId}`);
}
/**
* Filters access by both the key and value of the tag in the request for the specified operation
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag
*
* Applies to actions:
* - .toCreateKey()
* - .toDeleteAlias()
* - .toGetAlias()
* - .toImportKey()
* - .toTagResource()
* - .toUpdateAlias()
*
* @param tagKey The tag key to check
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsRequestTag(tagKey, value, operator) {
return this.if(`aws:RequestTag/${tagKey}`, value, operator ?? 'StringLike');
}
/**
* Filters access by tags assigned to a key for the specified operation
*
* https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/security_iam_service-with-iam.html#security_iam_service-with-iam-tags
*
* Applies to resource types:
* - key
* - approval-team
*
* @param tagKey The tag key to check
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsResourceTag(tagKey, value, operator) {
return this.if(`aws:ResourceTag/${tagKey}`, value, operator ?? 'StringLike');
}
/**
* Filters access by the tag keys in the request for the specified operation
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys
*
* Applies to actions:
* - .toCreateKey()
* - .toDeleteAlias()
* - .toGetAlias()
* - .toImportKey()
* - .toTagResource()
* - .toUntagResource()
* - .toUpdateAlias()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsTagKeys(value, operator) {
return this.if(`aws:TagKeys`, value, operator ?? 'StringLike');
}
/**
* Filters access by the CertificateAuthorityPublicKeyIdentifier specified in the request or the ImportKey, and ExportKey operations
*
* Applies to actions:
* - .toExportKey()
* - .toImportKey()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifCertificateAuthorityPublicKeyIdentifier(value, operator) {
return this.if(`CertificateAuthorityPublicKeyIdentifier`, value, operator ?? 'StringLike');
}
/**
* Filters access by the type of key material being imported [RootCertificatePublicKey, TrustedCertificatePublicKey, Tr34KeyBlock, Tr31KeyBlock, DiffieHellmanTr31KeyBlock, As2805KeyCryptogram, KeyCryptogram] for the ImportKey operation
*
* Applies to actions:
* - .toImportKey()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifImportKeyMaterial(value, operator) {
return this.if(`ImportKeyMaterial`, value, operator ?? 'StringLike');
}
/**
* Filters access by KeyAlgorithm specified in the request for the CreateKey operation
*
* Applies to actions:
* - .toCreateKey()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifKeyAlgorithm(value, operator) {
return this.if(`KeyAlgorithm`, value, operator ?? 'StringLike');
}
/**
* Filters access by KeyClass specified in the request for the CreateKey operation
*
* Applies to actions:
* - .toCreateKey()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifKeyClass(value, operator) {
return this.if(`KeyClass`, value, operator ?? 'StringLike');
}
/**
* Filters access by KeyClass specified in the request or associated with a key for the CreateKey operation
*
* Applies to actions:
* - .toCreateKey()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifKeyUsage(value, operator) {
return this.if(`KeyUsage`, value, operator ?? 'StringLike');
}
/**
* Filters access by aliases in the request for the specified operation
*
* Applies to actions:
* - .toAddKeyReplicationRegions()
* - .toDecryptData()
* - .toDeleteKey()
* - .toEncryptData()
* - .toExportKey()
* - .toGenerateAs2805KekValidation()
* - .toGenerateCardValidationData()
* - .toGenerateMac()
* - .toGenerateMacEmvPinChange()
* - .toGeneratePinData()
* - .toGetCertificateSigningRequest()
* - .toGetKey()
* - .toGetPublicKeyCertificate()
* - .toReEncryptData()
* - .toRemoveKeyReplicationRegions()
* - .toRestoreKey()
* - .toStartKeyUsage()
* - .toStopKeyUsage()
* - .toTranslateKeyMaterial()
* - .toTranslatePinData()
* - .toVerifyAuthRequestCryptogram()
* - .toVerifyCardValidationData()
* - .toVerifyMac()
* - .toVerifyPinData()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifRequestAlias(value, operator) {
return this.if(`RequestAlias`, value, operator ?? 'StringLike');
}
/**
* Filters access by aliases associated with a key for the specified operation
*
* Applies to resource types:
* - key
* - alias
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifResourceAliases(value, operator) {
return this.if(`ResourceAliases`, value, operator ?? 'StringLike');
}
/**
* Filters access by the WrappingKeyIdentifier specified in the request for the ImportKey, and ExportKey operations
*
* Applies to actions:
* - .toExportKey()
* - .toImportKey()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifWrappingKeyIdentifier(value, operator) {
return this.if(`WrappingKeyIdentifier`, value, operator ?? 'StringLike');
}
/**
* Statement provider for service [payment-cryptography](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awspaymentcryptography.html).
*
*/
constructor(props) {
super(props);
this.servicePrefix = 'payment-cryptography';
this.accessLevelList = {
Write: [
'AddKeyReplicationRegions',
'AssociateMpaTeam',
'CreateAlias',
'CreateKey',
'DecryptData',
'DeleteAlias',
'DeleteKey',
'DisableDefaultKeyReplicationRegions',
'DisassociateMpaTeam',
'EnableDefaultKeyReplicationRegions',
'EncryptData',
'ExportKey',
'GenerateAs2805KekValidation',
'GenerateCardValidationData',
'GenerateMac',
'GenerateMacEmvPinChange',
'GeneratePinData',
'ImportKey',
'ReEncryptData',
'RemoveKeyReplicationRegions',
'RestoreKey',
'StartKeyUsage',
'StopKeyUsage',
'TranslateKeyMaterial',
'TranslatePinData',
'UpdateAlias',
'VerifyAuthRequestCryptogram',
'VerifyCardValidationData',
'VerifyMac',
'VerifyPinData'
],
'Permissions management': [
'DeleteResourcePolicy',
'PutResourcePolicy'
],
Read: [
'GetAlias',
'GetCertificateSigningRequest',
'GetDefaultKeyReplicationRegions',
'GetKey',
'GetMpaTeamAssociation',
'GetParametersForExport',
'GetParametersForImport',
'GetPublicKeyCertificate',
'GetResourcePolicy',
'ListTagsForResource'
],
List: [
'ListAliases',
'ListKeys'
],
Tagging: [
'TagResource',
'UntagResource'
]
};
}
}
exports.PaymentCryptography = PaymentCryptography;
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicGF5bWVudGNyeXB0b2dyYXBoeS5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbInBheW1lbnRjcnlwdG9ncmFwaHkudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQ0EseUNBQXlEO0FBR3pEOzs7O0dBSUc7QUFDSCxNQUFhLG1CQUFvQixTQUFRLHdCQUFlO0lBR3REOzs7Ozs7Ozs7T0FTRztJQUNJLDBCQUEwQjtRQUMvQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsMEJBQTBCLENBQUMsQ0FBQztJQUM3QyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7O09BV0c7SUFDSSxrQkFBa0I7UUFDdkIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGtCQUFrQixDQUFDLENBQUM7SUFDckMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGFBQWE7UUFDbEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGFBQWEsQ0FBQyxDQUFDO0lBQ2hDLENBQUM7SUFFRDs7Ozs7Ozs7Ozs7Ozs7OztPQWdCRztJQUNJLFdBQVc7UUFDaEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLFdBQVcsQ0FBQyxDQUFDO0lBQzlCLENBQUM7SUFFRDs7Ozs7Ozs7O09BU0c7SUFDSSxhQUFhO1FBQ2xCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxhQUFhLENBQUMsQ0FBQztJQUNoQyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7T0FVRztJQUNJLGFBQWE7UUFDbEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGFBQWEsQ0FBQyxDQUFDO0lBQ2hDLENBQUM7SUFFRDs7Ozs7Ozs7Ozs7O09BWUc7SUFDSSxXQUFXO1FBQ2hCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxXQUFXLENBQUMsQ0FBQztJQUM5QixDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksc0JBQXNCO1FBQzNCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxzQkFBc0IsQ0FBQyxDQUFDO0lBQ3pDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxxQ0FBcUM7UUFDMUMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHFDQUFxQyxDQUFDLENBQUM7SUFDeEQsQ0FBQztJQUVEOzs7Ozs7Ozs7O09BVUc7SUFDSSxxQkFBcUI7UUFDMUIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHFCQUFxQixDQUFDLENBQUM7SUFDeEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLG9DQUFvQztRQUN6QyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsb0NBQW9DLENBQUMsQ0FBQztJQUN2RCxDQUFDO0lBRUQ7Ozs7Ozs7OztPQVNHO0lBQ0ksYUFBYTtRQUNsQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsYUFBYSxDQUFDLENBQUM7SUFDaEMsQ0FBQztJQUVEOzs7Ozs7Ozs7OztPQVdHO0lBQ0ksV0FBVztRQUNoQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsV0FBVyxDQUFDLENBQUM7SUFDOUIsQ0FBQztJQUVEOzs7Ozs7Ozs7T0FTRztJQUNJLDZCQUE2QjtRQUNsQyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsNkJBQTZCLENBQUMsQ0FBQztJQUNoRCxDQUFDO0lBRUQ7Ozs7Ozs7OztPQVNHO0lBQ0ksNEJBQTRCO1FBQ2pDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyw0QkFBNEIsQ0FBQyxDQUFDO0lBQy9DLENBQUM7SUFFRDs7Ozs7Ozs7O09BU0c7SUFDSSxhQUFhO1FBQ2xCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxhQUFhLENBQUMsQ0FBQztJQUNoQyxDQUFDO0lBRUQ7Ozs7Ozs7OztPQVNHO0lBQ0kseUJBQXlCO1FBQzlCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyx5QkFBeUIsQ0FBQyxDQUFDO0lBQzVDLENBQUM7SUFFRDs7Ozs7Ozs7O09BU0c7SUFDSSxpQkFBaUI7UUFDdEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGlCQUFpQixDQUFDLENBQUM7SUFDcEMsQ0FBQztJQUVEOzs7Ozs7Ozs7O09BVUc7SUFDSSxVQUFVO1FBQ2YsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLFVBQVUsQ0FBQyxDQUFDO0lBQzdCLENBQUM7SUFFRDs7Ozs7Ozs7O09BU0c7SUFDSSw4QkFBOEI7UUFDbkMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLDhCQUE4QixDQUFDLENBQUM7SUFDakQsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGlDQUFpQztRQUN0QyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsaUNBQWlDLENBQUMsQ0FBQztJQUNwRCxDQUFDO0lBRUQ7Ozs7Ozs7OztPQVNHO0lBQ0ksUUFBUTtRQUNiLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxRQUFRLENBQUMsQ0FBQztJQUMzQixDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksdUJBQXVCO1FBQzVCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyx1QkFBdUIsQ0FBQyxDQUFDO0lBQzFDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSx3QkFBd0I7UUFDN0IsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHdCQUF3QixDQUFDLENBQUM7SUFDM0MsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLHdCQUF3QjtRQUM3QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsd0JBQXdCLENBQUMsQ0FBQztJQUMzQyxDQUFDO0lBRUQ7Ozs7Ozs7OztPQVNHO0lBQ0kseUJBQXlCO1FBQzlCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyx5QkFBeUIsQ0FBQyxDQUFDO0lBQzVDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxtQkFBbUI7UUFDeEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLG1CQUFtQixDQUFDLENBQUM7SUFDdEMsQ0FBQztJQUVEOzs7Ozs7Ozs7Ozs7Ozs7OztPQWlCRztJQUNJLFdBQVc7UUFDaEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLFdBQVcsQ0FBQyxDQUFDO0lBQzlCLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxhQUFhO1FBQ2xCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxhQUFhLENBQUMsQ0FBQztJQUNoQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksVUFBVTtRQUNmLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxVQUFVLENBQUMsQ0FBQztJQUM3QixDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0kscUJBQXFCO1FBQzFCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxxQkFBcUIsQ0FBQyxDQUFDO0lBQ3hDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxtQkFBbUI7UUFDeEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLG1CQUFtQixDQUFDLENBQUM7SUFDdEMsQ0FBQztJQUVEOzs7Ozs7Ozs7T0FTRztJQUNJLGVBQWU7UUFDcEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGVBQWUsQ0FBQyxDQUFDO0lBQ2xDLENBQUM7SUFFRDs7Ozs7Ozs7O09BU0c7SUFDSSw2QkFBNkI7UUFDbEMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLDZCQUE2QixDQUFDLENBQUM7SUFDaEQsQ0FBQztJQUVEOzs7Ozs7Ozs7T0FTRztJQUNJLFlBQVk7UUFDakIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLFlBQVksQ0FBQyxDQUFDO0lBQy9CLENBQUM7SUFFRDs7Ozs7Ozs7O09BU0c7SUFDSSxlQUFlO1FBQ3BCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxlQUFlLENBQUMsQ0FBQztJQUNsQyxDQUFDO0lBRUQ7Ozs7Ozs7OztPQVNHO0lBQ0ksY0FBYztRQUNuQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsY0FBYyxDQUFDLENBQUM7SUFDakMsQ0FBQztJQUVEOzs7Ozs7Ozs7O09BVUc7SUFDSSxhQUFhO1FBQ2xCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxhQUFhLENBQUMsQ0FBQztJQUNoQyxDQUFDO0lBRUQ7Ozs7Ozs7OztPQVNHO0lBQ0ksc0JBQXNCO1FBQzNCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxzQkFBc0IsQ0FBQyxDQUFDO0lBQ3pDLENBQUM7SUFFRDs7Ozs7Ozs7O09BU0c7SUFDSSxrQkFBa0I7UUFDdkIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGtCQUFrQixDQUFDLENBQUM7SUFDckMsQ0FBQztJQUVEOzs7Ozs7Ozs7T0FTRztJQUNJLGVBQWU7UUFDcEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGVBQWUsQ0FBQyxDQUFDO0lBQ2xDLENBQUM7SUFFRDs7Ozs7Ozs7OztPQVVHO0lBQ0ksYUFBYTtRQUNsQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsYUFBYSxDQUFDLENBQUM7SUFDaEMsQ0FBQztJQUVEOzs7Ozs7Ozs7T0FTRztJQUNJLDZCQUE2QjtRQUNsQyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsNkJBQTZCLENBQUMsQ0FBQztJQUNoRCxDQUFDO0lBRUQ7Ozs7Ozs7OztPQVNHO0lBQ0ksMEJBQTBCO1FBQy9CLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQywwQkFBMEIsQ0FBQyxDQUFDO0lBQzdDLENBQUM7SUFFRDs7Ozs7Ozs7O09BU0c7SUFDSSxXQUFXO1FBQ2hCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxXQUFXLENBQUMsQ0FBQztJQUM5QixDQUFDO0lBRUQ7Ozs7Ozs7OztPQVNHO0lBQ0ksZUFBZTtRQUNwQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsZUFBZSxDQUFDLENBQUM7SUFDbEMsQ0FBQztJQTZERDs7Ozs7Ozs7Ozs7T0FXRztJQUNJLEtBQUssQ0FBQyxLQUFhLEVBQUUsT0FBZ0IsRUFBRSxNQUFlLEVBQUUsU0FBa0I7UUFDL0UsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLE9BQVEsU0FBUyxJQUFJLElBQUksQ0FBQyxnQkFBaUIseUJBQTBCLE1BQU0sSUFBSSxJQUFJLENBQUMsYUFBYyxJQUFLLE9BQU8sSUFBSSxJQUFJLENBQUMsY0FBZSxRQUFTLEtBQU0sRUFBRSxDQUFDLENBQUM7SUFDMUssQ0FBQztJQUVEOzs7Ozs7Ozs7O09BVUc7SUFDSSxPQUFPLENBQUMsS0FBYSxFQUFFLE9BQWdCLEVBQUUsTUFBZSxFQUFFLFNBQWtCO1FBQ2pGLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxPQUFRLFNBQVMsSUFBSSxJQUFJLENBQUMsZ0JBQWlCLHlCQUEwQixNQUFNLElBQUksSUFBSSxDQUFDLGFBQWMsSUFBSyxPQUFPLElBQUksSUFBSSxDQUFDLGNBQWUsVUFBVyxLQUFNLEVBQUUsQ0FBQyxDQUFDO0lBQzVLLENBQUM7SUFFRDs7Ozs7Ozs7Ozs7O09BWUc7SUFDSSxjQUFjLENBQUMsY0FBc0IsRUFBRSxPQUFnQixFQUFFLE1BQWUsRUFBRSxTQUFrQjtRQUNqRyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsT0FBUSxTQUFTLElBQUksSUFBSSxDQUFDLGdCQUFpQixRQUFTLE1BQU0sSUFBSSxJQUFJLENBQUMsYUFBYyxJQUFLLE9BQU8sSUFBSSxJQUFJLENBQUMsY0FBZSxrQkFBbUIsY0FBZSxFQUFFLENBQUMsQ0FBQztJQUM1SyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7Ozs7Ozs7T0FnQkc7SUFDSSxlQUFlLENBQUMsTUFBYyxFQUFFLEtBQXdCLEVBQUUsUUFBNEI7UUFDM0YsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGtCQUFtQixNQUFPLEVBQUUsRUFBRSxLQUFLLEVBQUUsUUFBUSxJQUFJLFlBQVksQ0FBQyxDQUFDO0lBQ2hGLENBQUM7SUFFRDs7Ozs7Ozs7Ozs7O09BWUc7SUFDSSxnQkFBZ0IsQ0FBQyxNQUFjLEVBQUUsS0FBd0IsRUFBRSxRQUE0QjtRQUM1RixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsbUJBQW9CLE1BQU8sRUFBRSxFQUFFLEtBQUssRUFBRSxRQUFRLElBQUksWUFBWSxDQUFDLENBQUM7SUFDakYsQ0FBQztJQUVEOzs7Ozs7Ozs7Ozs7Ozs7O09BZ0JHO0lBQ0ksWUFBWSxDQUFDLEtBQXdCLEVBQUUsUUFBNEI7UUFDeEUsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGFBQWEsRUFBRSxLQUFLLEVBQUUsUUFBUSxJQUFJLFlBQVksQ0FBQyxDQUFDO0lBQ2pFLENBQUM7SUFFRDs7Ozs7Ozs7O09BU0c7SUFDSSx5Q0FBeUMsQ0FBQyxLQUF3QixFQUFFLFFBQTRCO1FBQ3JHLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyx5Q0FBeUMsRUFBRSxLQUFLLEVBQUUsUUFBUSxJQUFJLFlBQVksQ0FBQyxDQUFDO0lBQzdGLENBQUM7SUFFRDs7Ozs7Ozs7T0FRRztJQUNJLG1CQUFtQixDQUFDLEtBQXdCLEVBQUUsUUFBNEI7UUFDL0UsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLG1CQUFtQixFQUFFLEtBQUssRUFBRSxRQUFRLElBQUksWUFBWSxDQUFDLENBQUM7SUFDdkUsQ0FBQztJQUVEOzs7Ozs7OztPQVFHO0lBQ0ksY0FBYyxDQUFDLEtBQXdCLEVBQUUsUUFBNEI7UUFDMUUsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGNBQWMsRUFBRSxLQUFLLEVBQUUsUUFBUSxJQUFJLFlBQVksQ0FBQyxDQUFDO0lBQ2xFLENBQUM7SUFFRDs7Ozs7Ozs7T0FRRztJQUNJLFVBQVUsQ0FBQyxLQUF3QixFQUFFLFFBQTRCO1FBQ3RFLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxVQUFVLEVBQUUsS0FBSyxFQUFFLFFBQVEsSUFBSSxZQUFZLENBQUMsQ0FBQztJQUM5RCxDQUFDO0lBRUQ7Ozs7Ozs7O09BUUc7SUFDSSxVQUFVLENBQUMsS0FBd0IsRUFBRSxRQUE0QjtRQUN0RSxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsVUFBVSxFQUFFLEtBQUssRUFBRSxRQUFRLElBQUksWUFBWSxDQUFDLENBQUM7SUFDOUQsQ0FBQztJQUVEOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O09BK0JHO0lBQ0ksY0FBYyxDQUFDLEtBQXdCLEVBQUUsUUFBNEI7UUFDMUUsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGNBQWMsRUFBRSxLQUFLLEVBQUUsUUFBUSxJQUFJLFlBQVksQ0FBQyxDQUFDO0lBQ2xFLENBQUM7SUFFRDs7Ozs7Ozs7O09BU0c7SUFDSSxpQkFBaUIsQ0FBQyxLQUF3QixFQUFFLFFBQTRCO1FBQzdFLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxpQkFBaUIsRUFBRSxLQUFLLEVBQUUsUUFBUSxJQUFJLFlBQVksQ0FBQyxDQUFDO0lBQ3JFLENBQUM7SUFFRDs7Ozs7Ozs7O09BU0c7SUFDSSx1QkFBdUIsQ0FBQyxLQUF3QixFQUFFLFFBQTRCO1FBQ25GLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyx1QkFBdUIsRUFBRSxLQUFLLEVBQUUsUUFBUSxJQUFJLFlBQVksQ0FBQyxDQUFDO0lBQzNFLENBQUM7SUFFRDs7O09BR0c7SUFDSCxZQUFZLEtBQWdDO1FBQzFDLEtBQUssQ0FBQyxLQUFLLENBQUMsQ0FBQztRQXY2QlIsa0JBQWEsR0FBRyxzQkFBc0IsQ0FBQztRQTBuQnBDLG9CQUFlLEdBQW9CO1lBQzNDLEtBQUssRUFBRTtnQkFDTCwwQkFBMEI7Z0JBQzFCLGtCQUFrQjtnQkFDbEIsYUFBYTtnQkFDYixXQUFXO2dCQUNYLGFBQWE7Z0JBQ2IsYUFBYTtnQkFDYixXQUFXO2dCQUNYLHFDQUFxQztnQkFDckMscUJBQXFCO2dCQUNyQixvQ0FBb0M7Z0JBQ3BDLGFBQWE7Z0JBQ2IsV0FBVztnQkFDWCw2QkFBNkI7Z0JBQzdCLDRCQUE0QjtnQkFDNUIsYUFBYTtnQkFDYix5QkFBeUI7Z0JBQ3pCLGlCQUFpQjtnQkFDakIsV0FBVztnQkFDWCxlQUFlO2dCQUNmLDZCQUE2QjtnQkFDN0IsWUFBWTtnQkFDWixlQUFlO2dCQUNmLGNBQWM7Z0JBQ2Qsc0JBQXNCO2dCQUN0QixrQkFBa0I7Z0JBQ2xCLGFBQWE7Z0JBQ2IsNkJBQTZCO2dCQUM3QiwwQkFBMEI7Z0JBQzFCLFdBQVc7Z0JBQ1gsZUFBZTthQUNoQjtZQUNELHdCQUF3QixFQUFFO2dCQUN4QixzQkFBc0I7Z0JBQ3RCLG1CQUFtQjthQUNwQjtZQUNELElBQUksRUFBRTtnQkFDSixVQUFVO2dCQUNWLDhCQUE4QjtnQkFDOUIsaUNBQWlDO2dCQUNqQyxRQUFRO2dCQUNSLHVCQUF1QjtnQkFDdkIsd0JBQXdCO2dCQUN4Qix3QkFBd0I7Z0JBQ3hCLHlCQUF5QjtnQkFDekIsbUJBQW1CO2dCQUNuQixxQkFBcUI7YUFDdEI7WUFDRCxJQUFJLEVBQUU7Z0JBQ0osYUFBYTtnQkFDYixVQUFVO2FBQ1g7WUFDRCxPQUFPLEVBQUU7Z0JBQ1AsYUFBYTtnQkFDYixlQUFlO2FBQ2hCO1NBQ0YsQ0FBQztJQXFQRixDQUFDO0NBQ0Y7QUExNkJELGtEQTA2QkMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBBY2Nlc3NMZXZlbExpc3QgfSBmcm9tICcuLi8uLi9zaGFyZWQvYWNjZXNzLWxldmVsJztcbmltcG9ydCB7IFBvbGljeVN0YXRlbWVudCwgT3BlcmF0b3IgfSBmcm9tICcuLi8uLi9zaGFyZWQnO1xuaW1wb3J0IHsgYXdzX2lhbSBhcyBpYW0gfSBmcm9tIFwiYXdzLWNkay1saWJcIjtcblxuLyoqXG4gKiBTdGF0ZW1lbnQgcHJvdmlkZXIgZm9yIHNlcnZpY2UgW3BheW1lbnQtY3J5cHRvZ3JhcGh5XShodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vc2VydmljZS1hdXRob3JpemF0aW9uL2xhdGVzdC9yZWZlcmVuY2UvbGlzdF9hd3NwYXltZW50Y3J5cHRvZ3JhcGh5Lmh0bWwpLlxuICpcbiAqIEBwYXJhbSBzaWQgW1NJRF0oaHR0cHM6Ly9kb2NzLmF3cy5hbWF6b24uY29tL0lBTS9sYXRlc3QvVXNlckd1aWRlL3JlZmVyZW5jZV9wb2xpY2llc19lbGVtZW50c19zaWQuaHRtbCkgb2YgdGhlIHN0YXRlbWVudFxuICovXG5leHBvcnQgY2xhc3MgUGF5bWVudENyeXB0b2dyYXBoeSBleHRlbmRzIFBvbGljeVN0YXRlbWVudCB7XG4gIHB1YmxpYyBzZXJ2aWNlUHJlZml4ID0gJ3BheW1lbnQtY3J5cHRvZ3JhcGh5JztcblxuICAvKipcbiAgICogR3JhbnRzIHBlcm1pc3Npb24gdG8gYWRkIHJlcGxpY2F0aW9uIHJlZ2lvbnMgdG8gYW4gZXhpc3RpbmcgQVdTIFBheW1lbnQgQ3J5cHRvZ3JhcGh5IGtleVxuICAgKlxuICAgKiBBY2Nlc3MgTGV2ZWw6IFdyaXRlXG4gICAqXG4gICAqIFBvc3NpYmxlIGNvbmRpdGlvbnM6XG4gICAqIC0gLmlmUmVxdWVzdEFsaWFzKClcbiAgICpcbiAgICogaHR0cHM6Ly9kb2NzLmF3cy5hbWF6b24uY29tL3BheW1lbnQtY3J5cHRvZ3JhcGh5L2xhdGVzdC9BUElSZWZlcmVuY2UvQVBJX0FkZEtleVJlcGxpY2F0aW9uUmVnaW9ucy5odG1sXG4gICAqL1xuICBwdWJsaWMgdG9BZGRLZXlSZXBsaWNhdGlvblJlZ2lvbnMoKSB7XG4gICAgcmV0dXJuIHRoaXMudG8oJ0FkZEtleVJlcGxpY2F0aW9uUmVnaW9ucycpO1xuICB9XG5cbiAgLyoqXG4gICAqIEdyYW50cyBwZXJtaXNzaW9uIHRvIGFzc29jaWF0ZSBhbiBNUEEgYXBwcm92YWwgdGVhbSB3aXRoIGEgcGF5bWVudCBjcnlwdG9ncmFwaHkgYWN0aW9uXG4gICAqXG4gICAqIEFjY2VzcyBMZXZlbDogV3JpdGVcbiAgICpcbiAgICogRGVwZW5kZW50IGFjdGlvbnM6XG4gICAqIC0gbXBhOkNhbmNlbFNlc3Npb25cbiAgICogLSBtcGE6R2V0QXBwcm92YWxUZWFtXG4gICAqIC0gbXBhOlN0YXJ0U2Vzc2lvblxuICAgKlxuICAgKiBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vcGF5bWVudC1jcnlwdG9ncmFwaHkvbGF0ZXN0L0FQSVJlZmVyZW5jZS9BUElfQXNzb2NpYXRlTXBhVGVhbS5odG1sXG4gICAqL1xuICBwdWJsaWMgdG9Bc3NvY2lhdGVNcGFUZWFtKCkge1xuICAgIHJldHVybiB0aGlzLnRvKCdBc3NvY2lhdGVNcGFUZWFtJyk7XG4gIH1cblxuICAvKipcbiAgICogR3JhbnRzIHBlcm1pc3Npb24gdG8gY3JlYXRlIGEgdXNlci1mcmllbmRseSBuYW1lIGZvciBhIEtleVxuICAgKlxuICAgKiBBY2Nlc3MgTGV2ZWw6IFdyaXRlXG4gICAqXG4gICAqIGh0dHBzOi8vZG9jcy5hd3MuYW1hem9uLmNvbS9wYXltZW50LWNyeXB0b2dyYXBoeS9sYXRlc3QvQVBJUmVmZXJlbmNlL0FQSV9DcmVhdGVBbGlhcy5odG1sXG4gICAqL1xuICBwdWJsaWMgdG9DcmVhdGVBbGlhcygpIHtcbiAgICByZXR1cm4gdGhpcy50bygnQ3JlYXRlQWxpYXMnKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBHcmFudHMgcGVybWlzc2lvbiB0byBjcmVhdGUgYSB1bmlxdWUgY3VzdG9tZXIgbWFuYWdlZCBrZXkgaW4gdGhlIGNhbGxlcidzIEFXUyBhY2NvdW50IGFuZCByZWdpb25cbiAgICpcbiAgICogQWNjZXNzIExldmVsOiBXcml0ZVxuICAgKlxuICAgKiBQb3NzaWJsZSBjb25kaXRpb25zOlxuICAgKiAtIC5pZkF3c1JlcXVlc3RUYWcoKVxuICAgKiAtIC5pZkF3c1RhZ0tleXMoKVxuICAgKiAtIC5pZktleUNsYXNzKClcbiAgICogLSAuaWZLZXlVc2FnZSgpXG4gICAqIC0gLmlmS2V5QWxnb3JpdGhtKClcbiAgICpcbiAgICogRGVwZW5kZW50IGFjdGlvbnM6XG4gICAqIC0gcGF5bWVudC1jcnlwdG9ncmFwaHk6VGFnUmVzb3VyY2VcbiAgICpcbiAgICogaHR0cHM6Ly9kb2NzLmF3cy5hbWF6b24uY29tL3BheW1lbnQtY3J5cHRvZ3JhcGh5L2xhdGVzdC9BUElSZWZlcmVuY2UvQVBJX0NyZWF0ZUtleS5odG1sXG4gICAqL1xuICBwdWJsaWMgdG9DcmVhdGVLZXkoKSB7XG4gICAgcmV0dXJuIHRoaXMudG8oJ0NyZWF0ZUtleScpO1xuICB9XG5cbiAgLyoqXG4gICAqIEdyYW50cyBwZXJtaXNzaW9uIHRvIGRlY3J5cHQgY2lwaGVydGV4dCBkYXRhIHRvIHBsYWludGV4dCB1c2luZyBzeW1tZXRyaWMsIGFzeW1tZXRyaWMgb3IgRFVLUFQgZGF0YSBlbmNyeXB0aW9uIGtleVxuICAgKlxuICAgKiBBY2Nlc3MgTGV2ZWw6IFdyaXRlXG4gICAqXG4gICAqIFBvc3NpYmxlIGNvbmRpdGlvbnM6XG4gICAqIC0gLmlmUmVxdWVzdEFsaWFzKClcbiAgICpcbiAgICogaHR0cHM6Ly9kb2NzLmF3cy5hbWF6b24uY29tL3BheW1lbnQtY3J5cHRvZ3JhcGh5L2xhdGVzdC9EYXRhQVBJUmVmZXJlbmNlL0FQSV9EZWNyeXB0RGF0YS5odG1sXG4gICAqL1xuICBwdWJsaWMgdG9EZWNyeXB0RGF0YSgpIHtcbiAgICByZXR1cm4gdGhpcy50bygnRGVjcnlwdERhdGEnKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBHcmFudHMgcGVybWlzc2lvbiB0byBkZWxldGUgdGhlIHNwZWNpZmllZCBhbGlhc1xuICAgKlxuICAgKiBBY2Nlc3MgTGV2ZWw6IFdyaXRlXG4gICAqXG4gICAqIFBvc3NpYmxlIGNvbmRpdGlvbnM6XG4gICAqIC0gLmlmQXdzUmVxdWVzdFRhZygpXG4gICAqIC0gLmlmQXdzVGFnS2V5cygpXG4gICAqXG4gICAqIGh0dHBzOi8vZG9jcy5hd3MuYW1hem9uLmNvbS9wYXltZW50LWNyeXB0b2dyYXBoeS9sYXRlc3QvQVBJUmVmZXJlbmNlL0FQSV9EZWxldGVBbGlhcy5odG1sXG4gICAqL1xuICBwdWJsaWMgdG9EZWxldGVBbGlhcygpIHtcbiAgICByZXR1cm4gdGhpcy50bygnRGVsZXRlQWxpYXMnKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBHcmFudHMgcGVybWlzc2lvbiB0byBzY2hlZHVsZSB0aGUgZGVsZXRpb24gb2YgYSBLZXlcbiAgICpcbiAgICogQWNjZXNzIExldmVsOiBXcml0ZVxuICAgKlxuICAgKiBQb3NzaWJsZSBjb25kaXRpb25zOlxuICAgKiAtIC5pZlJlcXVlc3RBbGlhcygpXG4gICAqXG4gICAqIERlcGVuZGVudCBhY3Rpb25zOlxuICAgKiAtIG1wYTpDYW5jZWxTZXNzaW9uXG4gICAqXG4gICAqIGh0dHBzOi8vZG9jcy5hd3MuYW1hem9uLmNvbS9wYXltZW50LWNyeXB0b2dyYXBoeS9sYXRlc3QvQVBJUmVmZXJlbmNlL0FQSV9EZWxldGVLZXkuaHRtbFxuICAgKi9cbiAgcHVibGljIHRvRGVsZXRlS2V5KCkge1xuICAgIHJldHVybiB0aGlzLnRvKCdEZWxldGVLZXknKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBHcmFudHMgcGVybWlzc2lvbiB0byBkZWxldGUgdGhlIHJlc291cmNlLWJhc2VkIHBvbGljeSBhdHRhY2hlZCB0byBhIGtleVxuICAgKlxuICAgKiBBY2Nlc3MgTGV2ZWw6IFBlcm1pc3Npb25zIG1hbmFnZW1lbnRcbiAgICpcbiAgICogaHR0cHM6Ly9kb2NzLmF3cy5hbWF6b24uY29tL3BheW1lbnQtY3J5cHRvZ3JhcGh5L2xhdGVzdC9BUElSZWZlcmVuY2UvQVBJX0RlbGV0ZVJlc291cmNlUG9saWN5Lmh0bWxcbiAgICovXG4gIHB1YmxpYyB0b0RlbGV0ZVJlc291cmNlUG9saWN5KCkge1xuICAgIHJldHVybiB0aGlzLnRvKCdEZWxldGVSZXNvdXJjZVBvbGljeScpO1xuICB9XG5cbiAgLyoqXG4gICAqIEdyYW50cyBwZXJtaXNzaW9uIHRvIGRpc2FibGUgZGVmYXVsdCBrZXkgcmVwbGljYXRpb24gcmVnaW9ucyBmb3IgYWNjb3VudC1sZXZlbCByZXBsaWNhdGlvblxuICAgKlxuICAgKiBBY2Nlc3MgTGV2ZWw6IFdyaXRlXG4gICAqXG4gICAqIGh0dHBzOi8vZG9jcy5hd3MuYW1hem9uLmNvbS9wYXltZW50LWNyeXB0b2dyYXBoeS9sYXRlc3QvQVBJUmVmZXJlbmNlL0FQSV9EaXNhYmxlRGVmYXVsdEtleVJlcGxpY2F0aW9uUmVnaW9ucy5odG1sXG4gICAqL1xuICBwdWJsaWMgdG9EaXNhYmxlRGVmYXVsdEtleVJlcGxpY2F0aW9uUmVnaW9ucygpIHtcbiAgICByZXR1cm4gdGhpcy50bygnRGlzYWJsZURlZmF1bHRLZXlSZXBsaWNhdGlvblJlZ2lvbnMnKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBHcmFudHMgcGVybWlzc2lvbiB0byBkaXNhc3NvY2lhdGUgYW4gTVBBIGFwcHJvdmFsIHRlYW0gZnJvbSBhIHBheW1lbnQgY3J5cHRvZ3JhcGh5IGFjdGlvblxuICAgKlxuICAgKiBBY2Nlc3MgTGV2ZWw6IFdyaXRlXG4gICAqXG4gICAqIERlcGVuZGVudCBhY3Rpb25zOlxuICAgKiAtIG1wYTpDYW5jZWxTZXNzaW9uXG4gICAqIC0gbXBhOlN0YXJ0U2Vzc2lvblxuICAgKlxuICAgKiBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vcGF5bWVudC1jcnlwdG9ncmFwaHkvbGF0ZXN0L0FQSVJlZmVyZW5jZS9BUElfRGlzYXNzb2NpYXRlTXBhVGVhbS5odG1sXG4gICAqL1xuICBwdWJsaWMgdG9EaXNhc3NvY2lhdGVNcGFUZWFtKCkge1xuICAgIHJldHVybiB0aGlzLnRvKCdEaXNhc3NvY2lhdGVNcGFUZWFtJyk7XG4gIH1cblxuICAvKipcbiAgICogR3JhbnRzIHBlcm1pc3Npb24gdG8gZW5hYmxlIGRlZmF1bHQga2V5IHJlcGxpY2F0aW9uIHJlZ2lvbnMgZm9yIGFjY291bnQtbGV2ZWwgcmVwbGljYXRpb25cbiAgICpcbiAgICogQWNjZXNzIExldmVsOiBXcml0ZVxuICAgKlxuICAgKiBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vcGF5bWVudC1jcnlwdG9ncmFwaHkvbGF0ZXN0L0FQSVJlZmVyZW5jZS9BUElfRW5hYmxlRGVmYXVsdEtleVJlcGxpY2F0aW9uUmVnaW9ucy5odG1sXG4gICAqL1xuICBwdWJsaWMgdG9FbmFibGVEZWZhdWx0S2V5UmVwbGljYXRpb25SZWdpb25zKCkge1xuICAgIHJldHVybiB0aGlzLnRvKCdFbmFibGVEZWZhdWx0S2V5UmVwbGljYXRpb25SZWdpb25zJyk7XG4gIH1cblxuICAvKipcbiAgICogR3JhbnRzIHBlcm1pc3Npb24gdG8gZW5jcnlwdCBwbGFpbnRleHQgZGF0YSB0byBjaXBoZXJ0ZXh0IHVzaW5nIHN5bW1ldHJpYywgYXN5bW1ldHJpYyBvciBEVUtQVCBkYXRhIGVuY3J5cHRpb24ga2V5XG4gICAqXG4gICAqIEFjY2VzcyBMZXZlbDogV3JpdGVcbiAgICpcbiAgICogUG9zc2libGUgY29uZGl0aW9uczpcbiAgICogLSAuaWZSZXF1ZXN0QWxpYXMoKVxuICAgKlxuICAgKiBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vcGF5bWVudC1jcnlwdG9ncmFwaHkvbGF0ZXN0L0RhdGFBUElSZWZlcmVuY2UvQVBJX0VuY3J5cHREYXRhLmh0bWxcbiAgICovXG4gIHB1YmxpYyB0b0VuY3J5cHREYXRhKCkge1xuICAgIHJldHVybiB0aGlzLnRvKCdFbmNyeXB0RGF0YScpO1xuICB9XG5cbiAgLyoqXG4gICAqIEdyYW50cyBwZXJtaXNzaW9uIHRvIGV4cG9ydCBhIGtleSBmcm9tIHRoZSBzZXJ2aWNlXG4gICAqXG4gICAqIEFjY2VzcyBMZXZlbDogV3JpdGVcbiAgICpcbiAgICogUG9zc2libGUgY29uZGl0aW9uczpcbiAgICogLSAuaWZSZXF1ZXN0QWxpYXMoKVxuICAgKiAtIC5pZkNlcnRpZmljYXRlQXV0aG9yaXR5UHVibGljS2V5SWRlbnRpZmllcigpXG4gICAqIC0gLmlmV3JhcHBpbmdLZXlJZGVudGlmaWVyKClcbiAgICpcbiAgICogaHR0cHM6Ly9kb2NzLmF3cy5hbWF6b24uY29tL3BheW1lbnQtY3J5cHRvZ3JhcGh5L2xhdGVzdC9BUElSZWZlcmVuY2UvQVBJX0V4cG9ydEtleS5odG1sXG4gICAqL1xuICBwdWJsaWMgdG9FeHBvcnRLZXkoKSB7XG4gICAgcmV0dXJuIHRoaXMudG8oJ0V4cG9ydEtleScpO1xuICB9XG5cbiAgLyoqXG4gICAqIEdyYW50cyBwZXJtaXNzaW9uIHRvIGdlbmVyYXRlIGEgS2VrVmFsaWRhdGlvblJlcXVlc3Qgb3IgYSBLZWtWYWxpZGF0aW9uUmVzcG9uc2UgZm9yIG5vZGUtdG8tbm9kZSBpbml0aWFsaXphdGlvbiBiZXR3ZWVuIHBheW1lbnQgcHJvY2Vzc2luZyBub2RlcyB1c2luZyBBdXN0cmFsaWFuIFN0YW5kYXJkIDI4MDUgKEFTMjgwNSlcbiAgICpcbiAgICogQWNjZXNzIExldmVsOiBXcml0ZVxuICAgKlxuICAgKiBQb3NzaWJsZSBjb25kaXRpb25zOlxuICAgKiAtIC5pZlJlcXVlc3RBbGlhcygpXG4gICAqXG4gICAqIGh0dHBzOi8vZG9jcy5hd3MuYW1hem9uLmNvbS9wYXltZW50LWNyeXB0b2dyYXBoeS9sYXRlc3QvRGF0YUFQSVJlZmVyZW5jZS9BUElfR2VuZXJhdGVBczI4MDVLZWtWYWxpZGF0aW9uLmh0bWxcbiAgICovXG4gIHB1YmxpYyB0b0dlbmVyYXRlQXMyODA1S2VrVmFsaWRhdGlvbigpIHtcbiAgI