cdk-iam-floyd

import { AccessLevelList } from '../../shared/access-level'; import { PolicyStatement, Operator } from '../../shared'; import { aws_iam as iam } from "aws-cdk-lib"; /** * Statement provider for service [rtbfabric](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsrtbfabric.html). * * @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement */ export declare class Rtbfabric extends PolicyStatement { servicePrefix: string; /** * Grants permission to accept a link invitation from another Gateway * * Access Level: Write * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_AcceptLink.html */ toAcceptLink(): this; /** * Grants permission to associate an ACM certificate with a responder gateway * * Access Level: Write * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_AssociateCertificate.html */ toAssociateCertificate(): this; /** * Grants permission to create an inbound external link for a responder gateway * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_CreateInboundExternalLink.html */ toCreateInboundExternalLink(): this; /** * Grants permission to create a new link between RTB applications * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_CreateLink.html */ toCreateLink(): this; /** * Grants permission to create a routing rule for a link * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_CreateLinkRoutingRule.html */ toCreateLinkRoutingRule(): this; /** * Grants permission to create an outbound external link for a requester gateway to connect to external public responder endpoints * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_CreateOutboundExternalLink.html */ toCreateOutboundExternalLink(): this; /** * Grants permission to create a requester gateway * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_CreateRequesterGateway.html */ toCreateRequesterGateway(): this; /** * Grants permission to create a responder gateway * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_CreateResponderGateway.html */ toCreateResponderGateway(): this; /** * Grants permission to delete an inbound external link * * Access Level: Write * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_DeleteInboundExternalLink.html */ toDeleteInboundExternalLink(): this; /** * Grants permission to delete a link between RTB applications * * Access Level: Write * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_DeleteLink.html */ toDeleteLink(): this; /** * Grants permission to delete a routing rule from a link * * Access Level: Write * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_DeleteLinkRoutingRule.html */ toDeleteLinkRoutingRule(): this; /** * Grants permission to delete an outbound external link * * Access Level: Write * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_DeleteOutboundExternalLink.html */ toDeleteOutboundExternalLink(): this; /** * Grants permission to delete a requester gateway * * Access Level: Write * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_DeleteRequesterGateway.html */ toDeleteRequesterGateway(): this; /** * Grants permission to delete a responder gateway * * Access Level: Write * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_DeleteResponderGateway.html */ toDeleteResponderGateway(): this; /** * Grants permission to remove a certificate association from a responder gateway * * Access Level: Write * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_DisassociateCertificate.html */ toDisassociateCertificate(): this; /** * Grants permission to retrieve details of a certificate association with a responder gateway * * Access Level: Read * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_GetCertificateAssociation.html */ toGetCertificateAssociation(): this; /** * Grants permission to retrieve information about an inbound external link * * Access Level: Read * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_GetInboundExternalLink.html */ toGetInboundExternalLink(): this; /** * Grants permission to retrieve information about a link between RTB applications * * Access Level: Read * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_GetLink.html */ toGetLink(): this; /** * Grants permission to retrieve information about a routing rule for a link * * Access Level: Read * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_GetLinkRoutingRule.html */ toGetLinkRoutingRule(): this; /** * Grants permission to retrieve information about an outbound external link * * Access Level: Read * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_GetOutboundExternalLink.html */ toGetOutboundExternalLink(): this; /** * Grants permission to retrieve information about a requester gateway * * Access Level: Read * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_GetRequesterGateway.html */ toGetRequesterGateway(): this; /** * Grants permission to retrieve information about a responder gateway * * Access Level: Read * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_GetResponderGateway.html */ toGetResponderGateway(): this; /** * Grants permission to list certificate associations for a responder gateway * * Access Level: List * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_ListCertificateAssociations.html */ toListCertificateAssociations(): this; /** * Grants permission to list routing rules for a link * * Access Level: List * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_ListLinkRoutingRules.html */ toListLinkRoutingRules(): this; /** * Grants permission to list links associated with an RTB application * * Access Level: List * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_ListLinks.html */ toListLinks(): this; /** * Grants permission to list requester gateways with optional filtering and pagination * * Access Level: List * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_ListRequesterGateways.html */ toListRequesterGateways(): this; /** * Grants permission to list responder gateways with optional filtering and pagination * * Access Level: List * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_ListResponderGateways.html */ toListResponderGateways(): this; /** * Grants permission to list tags for a resource * * Access Level: Read * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_ListTagsForResource.html */ toListTagsForResource(): this; /** * Grants permission to reject a link request between RTB applications * * Access Level: Write * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_RejectLink.html */ toRejectLink(): this; /** * Grants permission to assign one or more tags (key-value pairs) to the specified resource * * Access Level: Tagging * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_TagResource.html */ toTagResource(): this; /** * Grants permission to remove a tag or tags from a resource * * Access Level: Tagging * * Possible conditions: * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_UntagResource.html */ toUntagResource(): this; /** * Grants permission to update configuration settings for an existing link * * Access Level: Write * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_UpdateLink.html */ toUpdateLink(): this; /** * Grants permission to update a link module flow * * Access Level: Write * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_UpdateLinkModuleFlow.html */ toUpdateLinkModuleFlow(): this; /** * Grants permission to update a routing rule for a link * * Access Level: Write * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_UpdateLinkRoutingRule.html */ toUpdateLinkRoutingRule(): this; /** * Grants permission to update a requester gateway * * Access Level: Write * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_UpdateRequesterGateway.html */ toUpdateRequesterGateway(): this; /** * Grants permission to update a responder gateway * * Access Level: Write * * https://docs.aws.amazon.com/rtb-fabric/latest/api/API_UpdateResponderGateway.html */ toUpdateResponderGateway(): this; protected accessLevelList: AccessLevelList; /** * Adds a resource of type InboundExternalLink to the statement * * https://docs.aws.amazon.com/rtb-fabric/latest/userguide/links.html * * @param gatewayId - Identifier for the gatewayId. * @param linkId - Identifier for the linkId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() * - .ifInboundExternalLinkLinkId() * - .ifResponderGatewayGatewayId() */ onInboundExternalLink(gatewayId: string, linkId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type Link to the statement * * https://docs.aws.amazon.com/rtb-fabric/latest/userguide/links.html * * @param gatewayId - Identifier for the gatewayId. * @param linkId - Identifier for the linkId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() * - .ifLinkLinkId() * - .ifRequesterGatewayGatewayId() * - .ifResponderGatewayGatewayId() */ onLink(gatewayId: string, linkId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type LinkRoutingRule to the statement * * https://docs.aws.amazon.com/rtb-fabric/latest/userguide/links.html * * @param gatewayId - Identifier for the gatewayId. * @param linkId - Identifier for the linkId. * @param ruleId - Identifier for the ruleId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() * - .ifLinkLinkId() * - .ifLinkRoutingRuleRuleId() */ onLinkRoutingRule(gatewayId: string, linkId: string, ruleId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type OutboundExternalLink to the statement * * https://docs.aws.amazon.com/rtb-fabric/latest/userguide/links.html * * @param gatewayId - Identifier for the gatewayId. * @param linkId - Identifier for the linkId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() * - .ifOutboundExternalLinkLinkId() * - .ifRequesterGatewayGatewayId() */ onOutboundExternalLink(gatewayId: string, linkId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type RequesterGateway to the statement * * https://docs.aws.amazon.com/rtb-fabric/latest/userguide/working-with-requester-rtb-applications.html * * @param gatewayId - Identifier for the gatewayId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() * - .ifRequesterGatewayGatewayId() */ onRequesterGateway(gatewayId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type ResponderGateway to the statement * * https://docs.aws.amazon.com/rtb-fabric/latest/userguide/working-with-responder-rtb-applications.html * * @param gatewayId - Identifier for the gatewayId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() * - .ifResponderGatewayGatewayId() */ onResponderGateway(gatewayId: string, account?: string, region?: string, partition?: string): this; /** * Filters access by a tag key and value pair that is allowed in the request * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag * * Applies to actions: * - .toCreateInboundExternalLink() * - .toCreateLink() * - .toCreateLinkRoutingRule() * - .toCreateOutboundExternalLink() * - .toCreateRequesterGateway() * - .toCreateResponderGateway() * - .toTagResource() * * @param tagKey The tag key to check * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsRequestTag(tagKey: string, value: string | string[], operator?: Operator | string): this; /** * Filters access by a tag key and value pair of a resource * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag * * Applies to resource types: * - InboundExternalLink * - Link * - LinkRoutingRule * - OutboundExternalLink * - RequesterGateway * - ResponderGateway * * @param tagKey The tag key to check * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsResourceTag(tagKey: string, value: string | string[], operator?: Operator | string): this; /** * Filters access by a list of tag keys that are allowed in the request * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys * * Applies to actions: * - .toCreateInboundExternalLink() * - .toCreateLink() * - .toCreateLinkRoutingRule() * - .toCreateOutboundExternalLink() * - .toCreateRequesterGateway() * - .toCreateResponderGateway() * - .toTagResource() * - .toUntagResource() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsTagKeys(value: string | string[], operator?: Operator | string): this; /** * Filters access by gateway identifier supporting rtb-gw-* formats * * https://docs.aws.amazon.com/rtb-fabric/latest/userguide/security_iam_service-with-iam.html * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifInboundExternalLinkGatewayId(value: string | string[], operator?: Operator | string): this; /** * Filters access by InboundExternalLink resource linkId identifier * * https://docs.aws.amazon.com/rtb-fabric/latest/userguide/security_iam_service-with-iam.html * * Applies to resource types: * - InboundExternalLink * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifInboundExternalLinkLinkId(value: string | string[], operator?: Operator | string): this; /** * Filters access by Link resource linkId identifier * * https://docs.aws.amazon.com/rtb-fabric/latest/userguide/security_iam_service-with-iam.html * * Applies to resource types: * - Link * - LinkRoutingRule * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifLinkLinkId(value: string | string[], operator?: Operator | string): this; /** * Filters access by routing rule identifier supporting rule-* formats * * https://docs.aws.amazon.com/rtb-fabric/latest/userguide/security_iam_service-with-iam.html * * Applies to resource types: * - LinkRoutingRule * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifLinkRoutingRuleRuleId(value: string | string[], operator?: Operator | string): this; /** * Filters access by OutboundExternalLink resource linkId identifier * * https://docs.aws.amazon.com/rtb-fabric/latest/userguide/security_iam_service-with-iam.html * * Applies to resource types: * - OutboundExternalLink * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifOutboundExternalLinkLinkId(value: string | string[], operator?: Operator | string): this; /** * Filters access by gateway identifier supporting rtb-gw-* formats * * https://docs.aws.amazon.com/rtb-fabric/latest/userguide/security_iam_service-with-iam.html * * Applies to resource types: * - Link * - OutboundExternalLink * - RequesterGateway * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifRequesterGatewayGatewayId(value: string | string[], operator?: Operator | string): this; /** * Filters access by gateway identifier supporting rtb-gw-* formats * * https://docs.aws.amazon.com/rtb-fabric/latest/userguide/security_iam_service-with-iam.html * * Applies to resource types: * - InboundExternalLink * - Link * - ResponderGateway * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifResponderGatewayGatewayId(value: string | string[], operator?: Operator | string): this; /** * Statement provider for service [rtbfabric](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsrtbfabric.html). * */ constructor(props?: iam.PolicyStatementProps); }