cdk-iam-floyd

import { AccessLevelList } from '../../shared/access-level'; import { PolicyStatement, Operator } from '../../shared'; import { aws_iam as iam } from "aws-cdk-lib"; /** * Statement provider for service [s3tables](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazons3tables.html). * * @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement */ export declare class S3tables extends PolicyStatement { servicePrefix: string; /** * Grants permission to create a namespace * * Access Level: Write * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_CreateNamespace.html */ toCreateNamespace(): this; /** * Grants permission to create a table * * Access Level: Write * * Possible conditions: * - .ifNamespace() * - .ifSSEAlgorithm() * - .ifKMSKeyArn() * - .ifTableBucketTag() * - .ifAwsRequestTag() * - .ifAwsResourceTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_CreateTable.html */ toCreateTable(): this; /** * Grants permission to create a table bucket * * Access Level: Write * * Possible conditions: * - .ifSSEAlgorithm() * - .ifKMSKeyArn() * - .ifTableBucketTag() * - .ifAwsRequestTag() * - .ifAwsResourceTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_CreateTableBucket.html */ toCreateTableBucket(): this; /** * Grants permission to delete a namespace * * Access Level: Write * * Possible conditions: * - .ifNamespace() * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_DeleteNamespace.html */ toDeleteNamespace(): this; /** * Grants permission to delete a table * * Access Level: Write * * Possible conditions: * - .ifNamespace() * - .ifTableName() * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_DeleteTable.html */ toDeleteTable(): this; /** * Grants permission to delete a table bucket * * Access Level: Write * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_DeleteTableBucket.html */ toDeleteTableBucket(): this; /** * Grants permission to delete encryption configuration on a table bucket * * Access Level: Write * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_DeleteTableBucketEncryption.html */ toDeleteTableBucketEncryption(): this; /** * Grants permission to delete a metrics configuration on a table bucket * * Access Level: Write * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_DeleteTableBucketMetricsConfiguration.html */ toDeleteTableBucketMetricsConfiguration(): this; /** * Grants permission to delete a policy on a table bucket * * Access Level: Permissions management * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_DeleteTableBucketPolicy.html */ toDeleteTableBucketPolicy(): this; /** * Grants permission to delete table bucket replication configuration on a bucket * * Access Level: Write * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_DeleteTableBucketReplication.html */ toDeleteTableBucketReplication(): this; /** * Grants permission to delete a policy on a table * * Access Level: Permissions management * * Possible conditions: * - .ifNamespace() * - .ifTableName() * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_DeleteTablePolicy.html */ toDeleteTablePolicy(): this; /** * Grants permission to delete table replication configuration on a table * * Access Level: Write * * Possible conditions: * - .ifNamespace() * - .ifTableName() * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_DeleteTableReplication.html */ toDeleteTableReplication(): this; /** * Grants permission to get a namespace * * Access Level: Read * * Possible conditions: * - .ifNamespace() * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_GetNamespace.html */ toGetNamespace(): this; /** * Grants permission to retrieve a table * * Access Level: Read * * Possible conditions: * - .ifNamespace() * - .ifTableName() * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_GetTable.html */ toGetTable(): this; /** * Grants permission to retrieve a table bucket * * Access Level: Read * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_GetTableBucket.html */ toGetTableBucket(): this; /** * Grants permission to retrieve encryption configuration on a table bucket * * Access Level: Read * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_GetTableBucketEncryption.html */ toGetTableBucketEncryption(): this; /** * Grants permission to retrieve a maintenance configuration on a table bucket * * Access Level: Read * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_GetTableBucketMaintenanceConfiguration.html */ toGetTableBucketMaintenanceConfiguration(): this; /** * Grants permission to retrieve a metrics configuration on a bucket * * Access Level: Read * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_GetTableBucketMetricsConfiguration.html */ toGetTableBucketMetricsConfiguration(): this; /** * Grants permission to retrieve a policy on a table bucket * * Access Level: Read * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_GetTableBucketPolicy.html */ toGetTableBucketPolicy(): this; /** * Grants permission to retrieve a table bucket replication configuration on a bucket * * Access Level: Read * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_GetTableBucketReplication.html */ toGetTableBucketReplication(): this; /** * Grants permission to retrieve the storage class configuration for a table bucket * * Access Level: Read * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_GetTableBucketStorageClass.html */ toGetTableBucketStorageClass(): this; /** * Grants permission to read metadata and data objects from a table storage endpoint using S3 APIs * * Access Level: Read * * Possible conditions: * - .ifNamespace() * - .ifTableName() * * https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-setting-up.html#s3-tables-actions */ toGetTableData(): this; /** * Grants permission to retrieve encryption configuration on a table * * Access Level: Read * * Possible conditions: * - .ifNamespace() * - .ifTableName() * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_GetTableEncryption.html */ toGetTableEncryption(): this; /** * Grants permission to retrieve a maintenance configuration on a table * * Access Level: Read * * Possible conditions: * - .ifNamespace() * - .ifTableName() * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_GetTableMaintenanceConfiguration.html */ toGetTableMaintenanceConfiguration(): this; /** * Grants permission to retrieve the status of maintenance jobs on a table * * Access Level: Read * * Possible conditions: * - .ifNamespace() * - .ifTableName() * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_GetTableMaintenanceJobStatus.html */ toGetTableMaintenanceJobStatus(): this; /** * Grants permission to retrieve the metadata location of a table * * Access Level: Read * * Possible conditions: * - .ifNamespace() * - .ifTableName() * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_GetTableMetadataLocation.html */ toGetTableMetadataLocation(): this; /** * Grants permission to retrieve a policy on a table * * Access Level: Read * * Possible conditions: * - .ifNamespace() * - .ifTableName() * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_GetTablePolicy.html */ toGetTablePolicy(): this; /** * Grants permission to retrieve a table maintenance configuration on a system table * * Access Level: Read * * Possible conditions: * - .ifNamespace() * - .ifTableName() * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_GetTableRecordExpirationConfiguration.html */ toGetTableRecordExpirationConfiguration(): this; /** * Grants permission to retrieve the status of table record expiration jobs on a system table * * Access Level: Read * * Possible conditions: * - .ifNamespace() * - .ifTableName() * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_GetTableRecordExpirationJobStatus.html */ toGetTableRecordExpirationJobStatus(): this; /** * Grants permission to retrieve a table replication configuration on a table * * Access Level: Read * * Possible conditions: * - .ifNamespace() * - .ifTableName() * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_GetTableReplication.html */ toGetTableReplication(): this; /** * Grants permission to retrieve a table replication status on a table * * Access Level: Read * * Possible conditions: * - .ifNamespace() * - .ifTableName() * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_GetTableReplicationStatus.html */ toGetTableReplicationStatus(): this; /** * Grants permission to retrieve the storage class configuration for a specific table * * Access Level: Read * * Possible conditions: * - .ifNamespace() * - .ifTableName() * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_GetTableStorageClass.html */ toGetTableStorageClass(): this; /** * Grants permission to list namespaces * * Access Level: List * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_ListNamespaces.html */ toListNamespaces(): this; /** * Grants permission to list table buckets * * Access Level: List * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_ListTableBuckets.html */ toListTableBuckets(): this; /** * Grants permission to list tables * * Access Level: List * * Possible conditions: * - .ifNamespace() * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_ListTables.html */ toListTables(): this; /** * Grants permission to list the tags for an S3 Tables resource * * Access Level: List * * Possible conditions: * - .ifAwsResourceTag() * - .ifTableBucketTag() * * https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-tables-tagging.html */ toListTagsForResource(): this; /** * Grants permission to put or overwrite encryption configuration on a table bucket * * Access Level: Write * * Possible conditions: * - .ifKMSKeyArn() * - .ifSSEAlgorithm() * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_PutTableBucketEncryption.html */ toPutTableBucketEncryption(): this; /** * Grants permission to put a maintenance configuration on a table bucket * * Access Level: Write * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_PutTableBucketMaintenanceConfiguration.html */ toPutTableBucketMaintenanceConfiguration(): this; /** * Grants permission to create or overwrite a metrics configuration on a table bucket * * Access Level: Write * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_PutTableBucketMetricsConfiguration.html */ toPutTableBucketMetricsConfiguration(): this; /** * Grants permission to create or overwrite a policy on a table bucket * * Access Level: Permissions management * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_PutTableBucketPolicy.html */ toPutTableBucketPolicy(): this; /** * Grants permission to put table bucket replication configuration on a bucket * * Access Level: Write * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_PutTableBucketReplication.html */ toPutTableBucketReplication(): this; /** * Grants permission to set or update the storage class configuration for a table bucket * * Access Level: Write * * Possible conditions: * - .ifStorageClass() * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_PutTableBucketStorageClass.html */ toPutTableBucketStorageClass(): this; /** * Grants permission to write metadata and data objects to a table storage endpoint using S3 APIs * * Access Level: Write * * Possible conditions: * - .ifNamespace() * - .ifTableName() * * https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-setting-up.html#s3-tables-actions */ toPutTableData(): this; /** * Grants permission to put encryption configuration on a table * * Access Level: Write * * Possible conditions: * - .ifNamespace() * - .ifSSEAlgorithm() * - .ifKMSKeyArn() * * https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-setting-up.html#s3-tables-actions */ toPutTableEncryption(): this; /** * Grants permission to put a maintenance configuration on a table * * Access Level: Write * * Possible conditions: * - .ifNamespace() * - .ifTableName() * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_PutTableMaintenanceConfiguration.html */ toPutTableMaintenanceConfiguration(): this; /** * Grants permission to create or overwrite a policy on a table * * Access Level: Permissions management * * Possible conditions: * - .ifNamespace() * - .ifTableName() * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_PutTablePolicy.html */ toPutTablePolicy(): this; /** * Grants permission to put a table record expiration configuration on a system table * * Access Level: Write * * Possible conditions: * - .ifNamespace() * - .ifTableName() * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_PutTableRecordExpirationConfiguration.html */ toPutTableRecordExpirationConfiguration(): this; /** * Grants permission to put table replication configuration on a table * * Access Level: Write * * Possible conditions: * - .ifNamespace() * - .ifTableName() * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_PutTableReplication.html */ toPutTableReplication(): this; /** * Grants permission to set or update the storage class configuration for a table * * Access Level: Write * * Possible conditions: * - .ifNamespace() * - .ifTableName() * - .ifStorageClass() * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_PutTableStorageClass.html */ toPutTableStorageClass(): this; /** * Grants permission to rename a table or move a table across namespaces * * Access Level: Write * * Possible conditions: * - .ifNamespace() * - .ifTableName() * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_RenameTable.html */ toRenameTable(): this; /** * Grants permission to tag a S3 Tables resource * * Access Level: Tagging * * Possible conditions: * - .ifAwsTagKeys() * - .ifAwsRequestTag() * - .ifAwsResourceTag() * - .ifTableBucketTag() * * https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-tables-tagging.html */ toTagResource(): this; /** * Grants permission to untag a S3 Tables resource * * Access Level: Tagging * * Possible conditions: * - .ifAwsTagKeys() * - .ifAwsResourceTag() * - .ifTableBucketTag() * * https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-tables-tagging.html */ toUntagResource(): this; /** * Grants permission to update the metadata location of a table * * Access Level: Write * * Possible conditions: * - .ifNamespace() * - .ifTableName() * * https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3Buckets_UpdateTableMetadataLocation.html */ toUpdateTableMetadataLocation(): this; protected accessLevelList: AccessLevelList; /** * Adds a resource of type TableBucket to the statement * * https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-buckets.html * * @param tableBucketName - Identifier for the tableBucketName. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() * - .ifTableBucketTag() */ onTableBucket(tableBucketName: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type Table to the statement * * https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-tables.html * * @param tableBucketName - Identifier for the tableBucketName. * @param tableID - Identifier for the tableID. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() * - .ifTableBucketTag() * - .ifNamespace() * - .ifTableName() */ onTable(tableBucketName: string, tableID: string, account?: string, region?: string, partition?: string): this; /** * Filters access by the tags that are passed in the request * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag * * Applies to actions: * - .toCreateTable() * - .toCreateTableBucket() * - .toTagResource() * * @param tagKey The tag key to check * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsRequestTag(tagKey: string, value: string | string[], operator?: Operator | string): this; /** * Filters access by the tags associated with the resource * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag * * Applies to actions: * - .toCreateTable() * - .toCreateTableBucket() * - .toListTagsForResource() * - .toTagResource() * - .toUntagResource() * * Applies to resource types: * - TableBucket * - Table * * @param tagKey The tag key to check * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsResourceTag(tagKey: string, value: string | string[], operator?: Operator | string): this; /** * Filters access by the tag keys that are passed in the request * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys * * Applies to actions: * - .toCreateTable() * - .toCreateTableBucket() * - .toTagResource() * - .toUntagResource() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsTagKeys(value: string | string[], operator?: Operator | string): this; /** * Filters access by the AWS KMS key ARN for the key used to encrypt a table * * https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-setting-up.htmls3-tables-setting-up.html * * Applies to actions: * - .toCreateTable() * - .toCreateTableBucket() * - .toPutTableBucketEncryption() * - .toPutTableEncryption() * * @param value The value(s) to check * @param operator Works with [arn operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_ARN). **Default:** `ArnLike` */ ifKMSKeyArn(value: string | string[], operator?: Operator | string): this; /** * Filters access by the server-side encryption algorithm used to encrypt a table * * https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-setting-up.htmls3-tables-setting-up.html * * Applies to actions: * - .toCreateTable() * - .toCreateTableBucket() * - .toPutTableBucketEncryption() * - .toPutTableEncryption() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifSSEAlgorithm(value: string | string[], operator?: Operator | string): this; /** * Filters access by the storage class that can be set on tables under a table bucket * * https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-setting-up.htmls3-tables-setting-up.html * * Applies to actions: * - .toPutTableBucketStorageClass() * - .toPutTableStorageClass() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifStorageClass(value: string | string[], operator?: Operator | string): this; /** * Filters access by the tags associated with the table bucket * * https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-setting-up.htmls3-tables-setting-up.html * * Applies to actions: * - .toCreateTable() * - .toCreateTableBucket() * - .toListTagsForResource() * - .toTagResource() * - .toUntagResource() * * Applies to resource types: * - TableBucket * - Table * * @param tagKey The tag key to check * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifTableBucketTag(tagKey: string, value: string | string[], operator?: Operator | string): this; /** * Filters access by the namespaces created in the table bucket * * https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-setting-up.htmls3-tables-setting-up.html * * Applies to actions: * - .toCreateTable() * - .toDeleteNamespace() * - .toDeleteTable() * - .toDeleteTablePolicy() * - .toDeleteTableReplication() * - .toGetNamespace() * - .toGetTable() * - .toGetTableData() * - .toGetTableEncryption() * - .toGetTableMaintenanceConfiguration() * - .toGetTableMaintenanceJobStatus() * - .toGetTableMetadataLocation() * - .toGetTablePolicy() * - .toGetTableRecordExpirationConfiguration() * - .toGetTableRecordExpirationJobStatus() * - .toGetTableReplication() * - .toGetTableReplicationStatus() * - .toGetTableStorageClass() * - .toListTables() * - .toPutTableData() * - .toPutTableEncryption() * - .toPutTableMaintenanceConfiguration() * - .toPutTablePolicy() * - .toPutTableRecordExpirationConfiguration() * - .toPutTableReplication() * - .toPutTableStorageClass() * - .toRenameTable() * - .toUpdateTableMetadataLocation() * * Applies to resource types: * - Table * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifNamespace(value: string | string[], operator?: Operator | string): this; /** * Filters access by the name of the tables in the table bucket * * https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-setting-up.htmls3-tables-setting-up.html * * Applies to actions: * - .toDeleteTable() * - .toDeleteTablePolicy() * - .toDeleteTableReplication() * - .toGetTable() * - .toGetTableData() * - .toGetTableEncryption() * - .toGetTableMaintenanceConfiguration() * - .toGetTableMaintenanceJobStatus() * - .toGetTableMetadataLocation() * - .toGetTablePolicy() * - .toGetTableRecordExpirationConfiguration() * - .toGetTableRecordExpirationJobStatus() * - .toGetTableReplication() * - .toGetTableReplicationStatus() * - .toGetTableStorageClass() * - .toPutTableData() * - .toPutTableMaintenanceConfiguration() * - .toPutTablePolicy() * - .toPutTableRecordExpirationConfiguration() * - .toPutTableReplication() * - .toPutTableStorageClass() * - .toRenameTable() * - .toUpdateTableMetadataLocation() * * Applies to resource types: * - Table * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifTableName(value: string | string[], operator?: Operator | string): this; /** * Statement provider for service [s3tables](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazons3tables.html). * */ constructor(props?: iam.PolicyStatementProps); }