cdk-iam-floyd
Version:
AWS IAM policy statement generator with fluent interface for AWS CDK
1,380 lines • 127 kB
JavaScript
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.Qbusiness = void 0;
const shared_1 = require("../../shared");
/**
* Statement provider for service [qbusiness](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonqbusiness.html).
*
* @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement
*/
class Qbusiness extends shared_1.PolicyStatement {
/**
* Grants permission to configure vended log delivery for Amazon Q Business application resource
*
* Access Level: Permissions management
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
toAllowVendedLogDeliveryForResource() {
return this.to('AllowVendedLogDeliveryForResource');
}
/**
* Grants permission to associate resource based policy statement to the application
*
* Access Level: Write
*
* Dependent actions:
* - qbusiness:PutResourcePolicy
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_AssociatePermission.html
*/
toAssociatePermission() {
return this.to('AssociatePermission');
}
/**
* Grants permission to batch delete document
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_BatchDeleteDocument.html
*/
toBatchDeleteDocument() {
return this.to('BatchDeleteDocument');
}
/**
* Grants permission to batch put document
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_BatchPutDocument.html
*/
toBatchPutDocument() {
return this.to('BatchPutDocument');
}
/**
* Grants permission to cancel a subscription
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_CancelSubscription.html
*/
toCancelSubscription() {
return this.to('CancelSubscription');
}
/**
* Grants permission to chat using an application
*
* Access Level: Read
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_Chat.html
*/
toChat() {
return this.to('Chat');
}
/**
* Grants permission to chat synchronously using an application
*
* Access Level: Read
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_ChatSync.html
*/
toChatSync() {
return this.to('ChatSync');
}
/**
* Grants permission to check if a user has access to a document
*
* Access Level: Read
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_CheckDocumentAccess.html
*/
toCheckDocumentAccess() {
return this.to('CheckDocumentAccess');
}
/**
* Grants permission to create a unique URL for anonymous Amazon Q Business web experience
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_CreateAnonymousWebExperienceUrl.html
*/
toCreateAnonymousWebExperienceUrl() {
return this.to('CreateAnonymousWebExperienceUrl');
}
/**
* Grants permission to create an application
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_CreateApplication.html
*/
toCreateApplication() {
return this.to('CreateApplication');
}
/**
* Grants permission to create a chat response configuration to the application
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_CreateChatResponseConfiguration.html
*/
toCreateChatResponseConfiguration() {
return this.to('CreateChatResponseConfiguration');
}
/**
* Grants permission to create DataAccessor to the application
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* Dependent actions:
* - qbusiness:CreateDataAccessorWithTti
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_CreateDataAccessor.html
*/
toCreateDataAccessor() {
return this.to('CreateDataAccessor');
}
/**
* Grants permission to create AWS IAM Identity center Trusted Token Issuer based DataAccessor to the application
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_CreateDataAccessor.html
*/
toCreateDataAccessorWithTti() {
return this.to('CreateDataAccessorWithTti');
}
/**
* Grants permission to create a data source for a given application and index
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_CreateDataSource.html
*/
toCreateDataSource() {
return this.to('CreateDataSource');
}
/**
* Grants permission to create an index for a given application
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_CreateIndex.html
*/
toCreateIndex() {
return this.to('CreateIndex');
}
/**
* Grants permission to create a new integration for a Q Business application
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_CreateIntegration.html
*/
toCreateIntegration() {
return this.to('CreateIntegration');
}
/**
* Grants permission to create a plugin for a given application
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_CreatePlugin.html
*/
toCreatePlugin() {
return this.to('CreatePlugin');
}
/**
* Grants permission to create a retriever for a given application
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_CreateRetriever.html
*/
toCreateRetriever() {
return this.to('CreateRetriever');
}
/**
* Grants permission to create a subscription
*
* Access Level: Write
*
* Possible conditions:
* - .ifIdentitystoreUserId()
* - .ifIdentitystoreGroupId()
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_CreateSubscription.html
*/
toCreateSubscription() {
return this.to('CreateSubscription');
}
/**
* Grants permission to create a user
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_CreateUser.html
*/
toCreateUser() {
return this.to('CreateUser');
}
/**
* Grants permission to create a web experience for a given application
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_CreateWebExperience.html
*/
toCreateWebExperience() {
return this.to('CreateWebExperience');
}
/**
* Grants permission to delete an application
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DeleteApplication.html
*/
toDeleteApplication() {
return this.to('DeleteApplication');
}
/**
* Grants permission to delete an attachment in the current chat context
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DeleteAttachment.html
*/
toDeleteAttachment() {
return this.to('DeleteAttachment');
}
/**
* Grants permission to delete chat controls configuration for an application
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DeleteChatControlsConfiguration.html
*/
toDeleteChatControlsConfiguration() {
return this.to('DeleteChatControlsConfiguration');
}
/**
* Grants permission to delete a chat response configuration
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DeleteChatResponseConfiguration.html
*/
toDeleteChatResponseConfiguration() {
return this.to('DeleteChatResponseConfiguration');
}
/**
* Grants permission to delete a conversation
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DeleteConversation.html
*/
toDeleteConversation() {
return this.to('DeleteConversation');
}
/**
* Grants permission to delete DataAccessor
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DeleteDataAccessor.html
*/
toDeleteDataAccessor() {
return this.to('DeleteDataAccessor');
}
/**
* Grants permission to delete a DataSource
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DeleteDataSource.html
*/
toDeleteDataSource() {
return this.to('DeleteDataSource');
}
/**
* Grants permission to delete a group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DeleteGroup.html
*/
toDeleteGroup() {
return this.to('DeleteGroup');
}
/**
* Grants permission to delete an index
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DeleteIndex.html
*/
toDeleteIndex() {
return this.to('DeleteIndex');
}
/**
* Grants permission to delete an integration for a Q Business application
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DeleteIntegration.html
*/
toDeleteIntegration() {
return this.to('DeleteIntegration');
}
/**
* Grants permission to delete a plugin
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DeletePlugin.html
*/
toDeletePlugin() {
return this.to('DeletePlugin');
}
/**
* Grants permission to delete a retriever
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DeleteRetriever.html
*/
toDeleteRetriever() {
return this.to('DeleteRetriever');
}
/**
* Grants permission to delete a user
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DeleteUser.html
*/
toDeleteUser() {
return this.to('DeleteUser');
}
/**
* Grants permission to delete a web-experience
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DeleteWebExperience.html
*/
toDeleteWebExperience() {
return this.to('DeleteWebExperience');
}
/**
* Grants permission to disable the ACL crawl while creating the Amazon Q Business data source resource
*
* Access Level: Write
*/
toDisableAclOnDataSource() {
return this.to('DisableAclOnDataSource');
}
/**
* Grants permission to disassociate resource based policy statement to the application
*
* Access Level: Write
*
* Dependent actions:
* - qbusiness:PutResourcePolicy
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DisassociatePermission.html
*/
toDisassociatePermission() {
return this.to('DisassociatePermission');
}
/**
* Grants permission to get an application
*
* Access Level: Read
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_GetApplication.html
*/
toGetApplication() {
return this.to('GetApplication');
}
/**
* Grants permission to get chat controls configuration for an application
*
* Access Level: List
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_GetChatControlsConfiguration.html
*/
toGetChatControlsConfiguration() {
return this.to('GetChatControlsConfiguration');
}
/**
* Grants permission to get a chat response configuration
*
* Access Level: Read
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_GetChatResponseConfiguration.html
*/
toGetChatResponseConfiguration() {
return this.to('GetChatResponseConfiguration');
}
/**
* Grants permission to get DataAccessor
*
* Access Level: Read
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_GetDataAccessor.html
*/
toGetDataAccessor() {
return this.to('GetDataAccessor');
}
/**
* Grants permission to get a data source
*
* Access Level: Read
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_GetDataSource.html
*/
toGetDataSource() {
return this.to('GetDataSource');
}
/**
* Grants permission to get a document content
*
* Access Level: Read
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_GetDocumentContent.html
*/
toGetDocumentContent() {
return this.to('GetDocumentContent');
}
/**
* Grants permission to get a group
*
* Access Level: Read
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_GetGroup.html
*/
toGetGroup() {
return this.to('GetGroup');
}
/**
* Grants permission to get an index
*
* Access Level: Read
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_GetIndex.html
*/
toGetIndex() {
return this.to('GetIndex');
}
/**
* Grants permission to get an integration for a Q Business application
*
* Access Level: Read
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_GetIntegration.html
*/
toGetIntegration() {
return this.to('GetIntegration');
}
/**
* Grants permission to get the media associated to a system message
*
* Access Level: Read
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_GetMedia.html
*/
toGetMedia() {
return this.to('GetMedia');
}
/**
* Grants permission to get a plugin
*
* Access Level: Read
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_GetPlugin.html
*/
toGetPlugin() {
return this.to('GetPlugin');
}
/**
* Grants permission to get resource based policy of the application
*
* Access Level: Read
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_GetPolicy.html
*/
toGetPolicy() {
return this.to('GetPolicy');
}
/**
* Grants permission to get a retriever
*
* Access Level: Read
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_GetRetriever.html
*/
toGetRetriever() {
return this.to('GetRetriever');
}
/**
* Grants permission to get a user
*
* Access Level: Read
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_GetUser.html
*/
toGetUser() {
return this.to('GetUser');
}
/**
* Grants permission to get a web-experience
*
* Access Level: Read
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_GetWebExperience.html
*/
toGetWebExperience() {
return this.to('GetWebExperience');
}
/**
* Grants permission to list the applications
*
* Access Level: List
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_ListApplications.html
*/
toListApplications() {
return this.to('ListApplications');
}
/**
* Grants permission to list attachments in the current chat context
*
* Access Level: List
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_ListAttachments.html
*/
toListAttachments() {
return this.to('ListAttachments');
}
/**
* Grants permission to list chat response configurations for an application
*
* Access Level: List
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_ListChatResponseConfigurations.html
*/
toListChatResponseConfigurations() {
return this.to('ListChatResponseConfigurations');
}
/**
* Grants permission to list all conversations for an application
*
* Access Level: List
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_ListConversations.html
*/
toListConversations() {
return this.to('ListConversations');
}
/**
* Grants permission to list DataAccessors for the application
*
* Access Level: List
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_ListDataAccessors.html
*/
toListDataAccessors() {
return this.to('ListDataAccessors');
}
/**
* Grants permission to get Data Source sync job history
*
* Access Level: List
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_ListDataSourceSyncJobs.html
*/
toListDataSourceSyncJobs() {
return this.to('ListDataSourceSyncJobs');
}
/**
* Grants permission to list the data sources of an application and an index
*
* Access Level: List
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_ListDataSources.html
*/
toListDataSources() {
return this.to('ListDataSources');
}
/**
* Grants permission to list all documents
*
* Access Level: List
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_ListDocuments.html
*/
toListDocuments() {
return this.to('ListDocuments');
}
/**
* Grants permission to list groups
*
* Access Level: List
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_ListGroups.html
*/
toListGroups() {
return this.to('ListGroups');
}
/**
* Grants permission to list the indices of an application
*
* Access Level: List
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_ListIndices.html
*/
toListIndices() {
return this.to('ListIndices');
}
/**
* Grants permission to list all integrations for a Q Business application
*
* Access Level: List
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_ListIntegrations.html
*/
toListIntegrations() {
return this.to('ListIntegrations');
}
/**
* Grants permission to list all messages
*
* Access Level: List
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_ListMessages.html
*/
toListMessages() {
return this.to('ListMessages');
}
/**
* Grants permission to list the plugins actions of a plugin within application
*
* Access Level: Read
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_ListPluginActions.html
*/
toListPluginActions() {
return this.to('ListPluginActions');
}
/**
* Grants permission to list all the actions for a plugin type
*
* Access Level: Read
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_ListPluginTypeActions.html
*/
toListPluginTypeActions() {
return this.to('ListPluginTypeActions');
}
/**
* Grants permission to list all the plugin type metadata
*
* Access Level: Read
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_ListPluginTypeMetadata.html
*/
toListPluginTypeMetadata() {
return this.to('ListPluginTypeMetadata');
}
/**
* Grants permission to list the plugins of an application
*
* Access Level: List
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_ListPlugins.html
*/
toListPlugins() {
return this.to('ListPlugins');
}
/**
* Grants permission to list the retrievers of an application
*
* Access Level: List
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_ListRetrievers.html
*/
toListRetrievers() {
return this.to('ListRetrievers');
}
/**
* Grants permission to list subscriptions
*
* Access Level: List
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_ListSubscriptions.html
*/
toListSubscriptions() {
return this.to('ListSubscriptions');
}
/**
* Grants permission to list tags for a resource
*
* Access Level: Read
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_ListTagsForResource.html
*/
toListTagsForResource() {
return this.to('ListTagsForResource');
}
/**
* Grants permission to list the web experiences of an application
*
* Access Level: List
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_ListWebExperiences.html
*/
toListWebExperiences() {
return this.to('ListWebExperiences');
}
/**
* Grants permission to put feedback about a conversation message
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_PutFeedback.html
*/
toPutFeedback() {
return this.to('PutFeedback');
}
/**
* Grants permission to put a group of users
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_PutGroup.html
*/
toPutGroup() {
return this.to('PutGroup');
}
/**
* Grants permission to put resource based policy statement to the application
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_AssociatePermission.html
*/
toPutResourcePolicy() {
return this.to('PutResourcePolicy');
}
/**
* Grants permission to search relevant content from the Amazon Q Business Application
*
* Access Level: Read
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_SearchRelevantContent.html
*/
toSearchRelevantContent() {
return this.to('SearchRelevantContent');
}
/**
* Grants permission to start Data Source sync job
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_StartDataSourceSyncJob.html
*/
toStartDataSourceSyncJob() {
return this.to('StartDataSourceSyncJob');
}
/**
* Grants permission to start deployment for an integration
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_StartDeployment.html
*/
toStartDeployment() {
return this.to('StartDeployment');
}
/**
* Grants permission to stop Data Source sync job
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_StopDataSourceSyncJob.html
*/
toStopDataSourceSyncJob() {
return this.to('StopDataSourceSyncJob');
}
/**
* Grants permission to tag a resource with given key value pairs
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_TagResource.html
*/
toTagResource() {
return this.to('TagResource');
}
/**
* Grants permission to remove the tag with the given key from a resource
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_UntagResource.html
*/
toUntagResource() {
return this.to('UntagResource');
}
/**
* Grants permission to update an Application
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_UpdateApplication.html
*/
toUpdateApplication() {
return this.to('UpdateApplication');
}
/**
* Grants permission to update chat controls configuration for an application
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_UpdateChatControlsConfiguration.html
*/
toUpdateChatControlsConfiguration() {
return this.to('UpdateChatControlsConfiguration');
}
/**
* Grants permission to update a chat response configuration
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_UpdateChatResponseConfiguration.html
*/
toUpdateChatResponseConfiguration() {
return this.to('UpdateChatResponseConfiguration');
}
/**
* Grants permission to update DataAccessor
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_UpdateDataAccessor.html
*/
toUpdateDataAccessor() {
return this.to('UpdateDataAccessor');
}
/**
* Grants permission to update a DataSource
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_UpdateDataSource.html
*/
toUpdateDataSource() {
return this.to('UpdateDataSource');
}
/**
* Grants permission to update an index
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_UpdateIndex.html
*/
toUpdateIndex() {
return this.to('UpdateIndex');
}
/**
* Grants permission to update an integration for a Q Business application
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_UpdateIntegration.html
*/
toUpdateIntegration() {
return this.to('UpdateIntegration');
}
/**
* Grants permission to update a plugin
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_UpdatePlugin.html
*/
toUpdatePlugin() {
return this.to('UpdatePlugin');
}
/**
* Grants permission to update a Retriever
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_UpdateRetriever.html
*/
toUpdateRetriever() {
return this.to('UpdateRetriever');
}
/**
* Grants permission to update a subscription
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_UpdateSubscription.html
*/
toUpdateSubscription() {
return this.to('UpdateSubscription');
}
/**
* Grants permission to update a user
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_UpdateUser.html
*/
toUpdateUser() {
return this.to('UpdateUser');
}
/**
* Grants permission to update a WebExperience
*
* Access Level: Write
*
* https://docs.aws.amazon.com/amazonq/latest/api-reference/API_UpdateWebExperience.html
*/
toUpdateWebExperience() {
return this.to('UpdateWebExperience');
}
/**
* Adds a resource of type application to the statement
*
* https://docs.aws.amazon.com/amazonq/latest/business-use-dg/create-application.html
*
* @param applicationId - Identifier for the applicationId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onApplication(applicationId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:qbusiness:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:application/${applicationId}`);
}
/**
* Adds a resource of type integration to the statement
*
* https://docs.aws.amazon.com/amazonq/latest/business-use-dg/create-integration.html
*
* @param applicationId - Identifier for the applicationId.
* @param integrationId - Identifier for the integrationId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onIntegration(applicationId, integrationId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:qbusiness:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:application/${applicationId}/integration/${integrationId}`);
}
/**
* Adds a resource of type retriever to the statement
*
* https://docs.aws.amazon.com/amazonq/latest/business-use-dg/select-retriever.html
*
* @param applicationId - Identifier for the applicationId.
* @param retrieverId - Identifier for the retrieverId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onRetriever(applicationId, retrieverId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:qbusiness:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:application/${applicationId}/retriever/${retrieverId}`);
}
/**
* Adds a resource of type index to the statement
*
* https://docs.aws.amazon.com/amazonq/latest/business-use-dg/select-retriever.html
*
* @param applicationId - Identifier for the applicationId.
* @param indexId - Identifier for the indexId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onIndex(applicationId, indexId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:qbusiness:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:application/${applicationId}/index/${indexId}`);
}
/**
* Adds a resource of type data-source to the statement
*
* https://docs.aws.amazon.com/amazonq/latest/business-use-dg/connect-data.html
*
* @param applicationId - Identifier for the applicationId.
* @param indexId - Identifier for the indexId.
* @param dataSourceId - Identifier for the dataSourceId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onDataSource(applicationId, indexId, dataSourceId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:qbusiness:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:application/${applicationId}/index/${indexId}/data-source/${dataSourceId}`);
}
/**
* Adds a resource of type plugin to the statement
*
* https://docs.aws.amazon.com/amazonq/latest/business-use-dg/plugins.html
*
* @param applicationId - Identifier for the applicationId.
* @param pluginId - Identifier for the pluginId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onPlugin(applicationId, pluginId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:qbusiness:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:application/${applicationId}/plugin/${pluginId}`);
}
/**
* Adds a resource of type web-experience to the statement
*
* https://docs.aws.amazon.com/amazonq/latest/business-use-dg/using-web-experience.html
*
* @param applicationId - Identifier for the applicationId.
* @param webExperienceId - Identifier for the webExperienceId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onWebExperience(applicationId, webExperienceId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:qbusiness:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:application/${applicationId}/web-experience/${webExperienceId}`);
}
/**
* Adds a resource of type subscription to the statement
*
* https://docs.aws.amazon.com/amazonq/latest/business-use-dg/subscriptions.html
*
* @param applicationId - Identifier for the applicationId.
* @param subscriptionId - Identifier for the subscriptionId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*/
onSubscription(applicationId, subscriptionId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:qbusiness:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:application/${applicationId}/subscription/${subscriptionId}`);
}
/**
* Adds a resource of type data-accessor to the statement
*
* https://docs.aws.amazon.com/amazonq/latest/business-use-dg/data-accessors.html
*
* @param applicationId - Identifier for the applicationId.
* @param dataAccessorId - Identifier for the dataAccessorId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onDataAccessor(applicationId, dataAccessorId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:qbusiness:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:application/${applicationId}/data-accessor/${dataAccessorId}`);
}
/**
* Adds a resource of type chat-response-configuration to the statement
*
* https://docs.aws.amazon.com/amazonq/latest/business-use-dg/response-customization.html
*
* @param applicationId - Identifier for the applicationId.
* @param chatResponseConfigurationId - Identifier for the chatResponseConfigurationId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onChatResponseConfiguration(applicationId, chatResponseConfigurationId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:qbusiness:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:application/${applicationId}/chat-response-configuration/${chatResponseConfigurationId}`);
}
/**
* Filters access by the tags that are passed in the request
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag
*
* Applies to actions:
* - .toCreateApplication()
* - .toCreateChatResponseConfiguration()
* - .toCreateDataAccessor()
* - .toCreateDataSource()
* - .toCreateIndex()
* - .toCreateIntegration()
* - .toCreatePlugin()
* - .toCreateRetriever()
* - .toCreateWebExperience()
* - .toTagResource()
*
* @param tagKey The tag key to check
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsRequestTag(tagKey, value, operator) {
return this.if(`aws:RequestTag/${tagKey}`, value, operator ?? 'StringLike');
}
/**
* Filters access by the tags associated with the resource
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag
*
* Applies to actions:
* - .toAllowVendedLogDeliveryForResource()
*
* Applies to resource types:
* - application
* - integration
* - retriever
* - index
* - data-source
* - plugin
* - web-experience
* - data-accessor
* - chat-response-configuration
*
* @param tagKey The tag key to check
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsResourceTag(tagKey, value, operator) {
return this.if(`aws:ResourceTag/${tagKey}`, value, operator ?? 'StringLike');
}
/**
* Filters access by the tag keys that are passed in the request
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys
*
* Applies to actions:
* - .toCreateApplication()
* - .toCreateChatResponseConfiguration()
* - .toCreateDataAccessor()
* - .toCreateDataSource()
* - .toCreateIndex()
* - .toCreateIntegration()
* - .toCreatePlugin()
* - .toCreateRetriever()
* - .toCreateWebExperience()
* - .toTagResource()
* - .toUntagResource()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsTagKeys(value, operator) {
return this.if(`aws:TagKeys`, value, operator ?? 'StringLike');
}
/**
* Filters access by IAM Identity Center Group ID
*
* https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/security_iam_service-with-iam.html
*
* Applies to actions:
* - .toCreateSubscription()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifIdentitystoreGroupId(value, operator) {
return this.if(`identitystore:GroupId`, value, operator ?? 'StringLike');
}
/**
* Filters access by IAM Identity Center User ID
*
* https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/security_iam_service-with-iam.html
*
* Applies to actions:
* - .toCreateSubscription()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifIdentitystoreUserId(value, operator) {
return this.if(`identitystore:UserId`, value, operator ?? 'StringLike');
}
/**
* Statement provider for service [qbusiness](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonqbusiness.html).
*
*/
constructor(props) {
super(props);
this.servicePrefix = 'qbusiness';
this.accessLevelList = {
'Permissions management': [
'AllowVendedLogDeliveryForResource'
],
Write: [
'AssociatePermission',
'BatchDeleteDocument',
'BatchPutDocument',
'CancelSubscription',
'CreateAnonymousWebExperienceUrl',
'CreateApplication',
'CreateChatResponseConfiguration',
'CreateDataAccessor',
'CreateDataAccessorWithTti',
'CreateDataSource',
'CreateIndex',
'CreateIntegration',
'CreatePlugin',
'CreateRetriever',
'CreateSubscription',
'CreateUser',
'CreateWebExperience',
'DeleteApplication',
'DeleteAttachment',
'DeleteChatControlsConfiguration',
'DeleteChatResponseConfiguration',
'DeleteConversation',
'DeleteDataAccessor',
'DeleteDataSource',
'DeleteGroup',
'DeleteIndex',
'DeleteIntegration',
'DeletePlugin',
'DeleteRetriever',
'DeleteUser',
'DeleteWebExperience',
'DisableAclOnDataSource',
'DisassociatePermission',
'PutFeedback',
'PutGroup',
'PutResourcePolicy',
'StartDataSourceSyncJob',
'StartDeployment',
'StopDataSourceSyncJob',
'UpdateApplication',
'UpdateChatControlsConfiguration',
'UpdateChatResponseConfiguration',
'UpdateDataAccessor',
'UpdateDataSource',
'UpdateIndex',
'UpdateIntegration',
'UpdatePlugin',
'UpdateRetriever',
'UpdateSubscription',
'UpdateUser',
'UpdateWebExperience'
],
Read: [
'Chat',
'ChatSync',
'CheckDocumentAccess',
'GetApplication',
'GetChatResponseConfiguration',
'GetDataAccessor',
'GetDataSource',
'GetDocumentContent',
'GetGroup',
'GetIndex',
'GetIntegration',
'GetMedia',
'GetPlugin',
'GetPolicy',
'GetRetriever',
'GetUser',
'GetWebExperience',
'ListPluginActions',
'ListPluginTypeActions',
'ListPluginTypeMetadata',
'ListTagsForResource',
'SearchRelevantContent'
],
List: [
'GetChatControlsConfiguration',
'ListApplications',
'ListAttachments',
'ListChatResponseConfigurations',
'ListConversations',
'ListDataAccessors',
'ListDataSourceSyncJobs',
'ListDataSources',
'ListDocuments',
'ListGroups',
'ListIndices',
'ListIntegrations',
'ListMessages',
'ListPlugins',
'ListRetrievers',
'ListSubscriptions',
'ListWebExperiences'
],
Tagging: [
'TagResource',
'UntagResource'
]
};
}
}
exports.Qbusiness = Qbusiness;
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicWJ1c2luZXNzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsicWJ1c2luZXNzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUNBLHlDQUF5RDtBQUd6RDs7OztHQUlHO0FBQ0gsTUFBYSxTQUFVLFNBQVEsd0JBQWU7SUFHNUM7Ozs7Ozs7T0FPRztJQUNJLG1DQUFtQztRQUN4QyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsbUNBQW1DLENBQUMsQ0FBQztJQUN0RCxDQUFDO0lBRUQ7Ozs7Ozs7OztPQVNHO0lBQ0kscUJBQXFCO1FBQzFCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxxQkFBcUIsQ0FBQyxDQUFDO0lBQ3hDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxxQkFBcUI7UUFDMUIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHFCQUFxQixDQUFDLENBQUM7SUFDeEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGtCQUFrQjtRQUN2QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsa0JBQWtCLENBQUMsQ0FBQztJQUNyQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksb0JBQW9CO1FBQ3pCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxvQkFBb0IsQ0FBQyxDQUFDO0lBQ3ZDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxNQUFNO1FBQ1gsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLE1BQU0sQ0FBQyxDQUFDO0lBQ3pCLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxVQUFVO1FBQ2YsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLFVBQVUsQ0FBQyxDQUFDO0lBQzdCLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxxQkFBcUI7UUFDMUIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHFCQUFxQixDQUFDLENBQUM7SUFDeEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGlDQUFpQztRQUN0QyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsaUNBQWlDLENBQUMsQ0FBQztJQUNwRCxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7T0FVRztJQUNJLG1CQUFtQjtRQUN4QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsbUJBQW1CLENBQUMsQ0FBQztJQUN0QyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7T0FVRztJQUNJLGlDQUFpQztRQUN0QyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsaUNBQWlDLENBQUMsQ0FBQztJQUNwRCxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7Ozs7T0FhRztJQUNJLG9CQUFvQjtRQUN6QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsb0JBQW9CLENBQUMsQ0FBQztJQUN2QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksMkJBQTJCO1FBQ2hDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQywyQkFBMkIsQ0FBQyxDQUFDO0lBQzlDLENBQUM7SUFFRDs7Ozs7Ozs7OztPQVVHO0lBQ0ksa0JBQWtCO1FBQ3ZCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxrQkFBa0IsQ0FBQyxDQUFDO0lBQ3JDLENBQUM7SUFFRDs7Ozs7Ozs7OztPQVVHO0lBQ0ksYUFBYTtRQUNsQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsYUFBYSxDQUFDLENBQUM7SUFDaEMsQ0FBQztJQUVEOzs7Ozs7Ozs7O09BVUc7SUFDSSxtQkFBbUI7UUFDeEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLG1CQUFtQixDQUFDLENBQUM7SUFDdEMsQ0FBQztJQUVEOzs7Ozs7Ozs7O09BVUc7SUFDSSxjQUFjO1FBQ25CLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxjQUFjLENBQUMsQ0FBQztJQUNqQyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7T0FVRztJQUNJLGlCQUFpQjtRQUN0QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsaUJBQWlCLENBQUMsQ0FBQztJQUNwQyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7T0FVRztJQUNJLG9CQUFvQjtRQUN6QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsb0JBQW9CLENBQUMsQ0FBQztJQUN2QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksWUFBWTtRQUNqQixPQUFPL