cdk-iam-floyd

import { AccessLevelList } from '../../shared/access-level'; import { PolicyStatement, Operator } from '../../shared'; import { aws_iam as iam } from "aws-cdk-lib"; /** * Statement provider for service [storagegateway](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsstoragegateway.html). * * @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement */ export declare class Storagegateway extends PolicyStatement { servicePrefix: string; /** * Grants permission to activate the gateway you previously deployed on your host * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ActivateGateway.html */ toActivateGateway(): this; /** * Grants permission to configure one or more gateway local disks as cache for a cached-volume gateway * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_AddCache.html */ toAddCache(): this; /** * Grants permission to add one or more tags to the specified resource * * Access Level: Tagging * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_AddTagsToResource.html */ toAddTagsToResource(): this; /** * Grants permission to configure one or more gateway local disks as upload buffer for a specified gateway * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_AddUploadBuffer.html */ toAddUploadBuffer(): this; /** * Grants permission to configure one or more gateway local disks as working storage for a gateway * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_AddWorkingStorage.html */ toAddWorkingStorage(): this; /** * Grants permission to move a tape to the target pool specified * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_AssignTapePool.html */ toAssignTapePool(): this; /** * Grants permission to associate an Amazon FSx file system with the Amazon FSx file gateway * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * Dependent actions: * - ds:DescribeDirectories * - ec2:DescribeNetworkInterfaces * - fsx:DescribeFileSystems * - iam:CreateServiceLinkedRole * - logs:CreateLogDelivery * - logs:GetLogDelivery * - logs:ListLogDeliveries * - logs:UpdateLogDelivery * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_AssociateFileSystem.html */ toAssociateFileSystem(): this; /** * Grants permission to connect a volume to an iSCSI connection and then attaches the volume to the specified gateway * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_AttachVolume.html */ toAttachVolume(): this; /** * Grants permission to allow the governance retention lock on a pool to be bypassed * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/userguide/CreatingCustomTapePool.html#TapeRetentionLock */ toBypassGovernanceRetention(): this; /** * Grants permission to cancel archiving of a virtual tape to the virtual tape shelf (VTS) after the archiving process is initiated * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CancelArchival.html */ toCancelArchival(): this; /** * Grants permission to cancel a cache report * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CancelCacheReport.html */ toCancelCacheReport(): this; /** * Grants permission to cancel retrieval of a virtual tape from the virtual tape shelf (VTS) to a gateway after the retrieval process is initiated * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CancelRetrieval.html */ toCancelRetrieval(): this; /** * Grants permission to create a cached volume on a specified cached gateway. This operation is supported only for the gateway-cached volume architecture * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateCachediSCSIVolume.html */ toCreateCachediSCSIVolume(): this; /** * Grants permission to create a NFS file share on an existing file gateway * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateNFSFileShare.html */ toCreateNFSFileShare(): this; /** * Grants permission to create a SMB file share on an existing file gateway * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateSMBFileShare.html */ toCreateSMBFileShare(): this; /** * Grants permission to initiate a snapshot of a volume * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateSnapshot.html */ toCreateSnapshot(): this; /** * Grants permission to initiate a snapshot of a gateway from a volume recovery point * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateSnapshotFromVolumeRecoveryPoint.html */ toCreateSnapshotFromVolumeRecoveryPoint(): this; /** * Grants permission to create a volume on a specified gateway * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateStorediSCSIVolume.html */ toCreateStorediSCSIVolume(): this; /** * Grants permission to create a tape pool * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateTapePool.html */ toCreateTapePool(): this; /** * Grants permission to create a virtual tape by using your own barcode * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateTapeWithBarcode.html */ toCreateTapeWithBarcode(): this; /** * Grants permission to create one or more virtual tapes. You write data to the virtual tapes and then archive the tapes * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateTapes.html */ toCreateTapes(): this; /** * Grants permission to delete the automatic tape creation policy configured on a gateway-VTL * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DeleteAutomaticTapeCreationPolicy.html */ toDeleteAutomaticTapeCreationPolicy(): this; /** * Grants permission to delete the bandwidth rate limits of a gateway * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DeleteBandwidthRateLimit.html */ toDeleteBandwidthRateLimit(): this; /** * Grants permission to delete the metadata associated with a cache report * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DeleteCacheReport.html */ toDeleteCacheReport(): this; /** * Grants permission to delete Challenge-Handshake Authentication Protocol (CHAP) credentials for a specified iSCSI target and initiator pair * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DeleteChapCredentials.html */ toDeleteChapCredentials(): this; /** * Grants permission to delete a file share from a file gateway * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DeleteFileShare.html */ toDeleteFileShare(): this; /** * Grants permission to delete a gateway * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DeleteGateway.html */ toDeleteGateway(): this; /** * Grants permission to delete a snapshot of a volume * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DeleteSnapshotSchedule.html */ toDeleteSnapshotSchedule(): this; /** * Grants permission to delete the specified virtual tape * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DeleteTape.html */ toDeleteTape(): this; /** * Grants permission to delete the specified virtual tape from the virtual tape shelf (VTS) * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DeleteTapeArchive.html */ toDeleteTapeArchive(): this; /** * Grants permission to delete the specified tape pool * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DeleteTapePool.html */ toDeleteTapePool(): this; /** * Grants permission to delete the specified gateway volume that you previously created using the CreateCachediSCSIVolume or CreateStorediSCSIVolume API * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DeleteVolume.html */ toDeleteVolume(): this; /** * Grants permission to get the information about the most recent high availability monitoring test that was performed on the gateway * * Access Level: Read * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeAvailabilityMonitorTest.html */ toDescribeAvailabilityMonitorTest(): this; /** * Grants permission to get the bandwidth rate limits of a gateway * * Access Level: Read * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeBandwidthRateLimit.html */ toDescribeBandwidthRateLimit(): this; /** * Grants permission to get the bandwidth rate limit schedule of a gateway * * Access Level: Read * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeBandwidthRateLimitSchedule.html */ toDescribeBandwidthRateLimitSchedule(): this; /** * Grants permission to get information about the cache of a gateway. This operation is supported only for the gateway-cached volume architecture * * Access Level: Read * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeCache.html */ toDescribeCache(): this; /** * Grants permission to get a description of a cache report * * Access Level: Read * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeCacheReport.html */ toDescribeCacheReport(): this; /** * Grants permission to get a description of the gateway volumes specified in the request. This operation is supported only for the gateway-cached volume architecture * * Access Level: Read * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeCachediSCSIVolumes.html */ toDescribeCachediSCSIVolumes(): this; /** * Grants permission to get an array of Challenge-Handshake Authentication Protocol (CHAP) credentials information for a specified iSCSI target, one for each target-initiator pair * * Access Level: Read * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeChapCredentials.html */ toDescribeChapCredentials(): this; /** * Grants permission to get a description for one or more file system associations * * Access Level: Read * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeFileSystemAssociations.html */ toDescribeFileSystemAssociations(): this; /** * Grants permission to get metadata about a gateway such as its name, network interfaces, configured time zone, and the state (whether the gateway is running or not) * * Access Level: Read * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeGatewayInformation.html */ toDescribeGatewayInformation(): this; /** * Grants permission to get your gateway's weekly maintenance start time including the day and time of the week * * Access Level: Read * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeMaintenanceStartTime.html */ toDescribeMaintenanceStartTime(): this; /** * Grants permission to get a description for one or more file shares from a file gateway * * Access Level: Read * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeNFSFileShares.html */ toDescribeNFSFileShares(): this; /** * Grants permission to get a description for one or more file shares from a file gateway * * Access Level: Read * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeSMBFileShares.html */ toDescribeSMBFileShares(): this; /** * Grants permission to get a description of a Server Message Block (SMB) file share settings from a file gateway * * Access Level: Read * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeSMBSettings.html */ toDescribeSMBSettings(): this; /** * Grants permission to describe the snapshot schedule for the specified gateway volume * * Access Level: Read * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeSnapshotSchedule.html */ toDescribeSnapshotSchedule(): this; /** * Grants permission to get the description of the gateway volumes specified in the request * * Access Level: Read * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeStorediSCSIVolumes.html */ toDescribeStorediSCSIVolumes(): this; /** * Grants permission to get a description of specified virtual tapes in the virtual tape shelf (VTS) * * Access Level: Read * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeTapeArchives.html */ toDescribeTapeArchives(): this; /** * Grants permission to get a list of virtual tape recovery points that are available for the specified gateway-VTL * * Access Level: Read * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeTapeRecoveryPoints.html */ toDescribeTapeRecoveryPoints(): this; /** * Grants permission to get a description of the specified Amazon Resource Name (ARN) of virtual tapes * * Access Level: Read * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeTapes.html */ toDescribeTapes(): this; /** * Grants permission to get information about the upload buffer of a gateway * * Access Level: Read * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeUploadBuffer.html */ toDescribeUploadBuffer(): this; /** * Grants permission to get a description of virtual tape library (VTL) devices for the specified gateway * * Access Level: Read * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeVTLDevices.html */ toDescribeVTLDevices(): this; /** * Grants permission to get information about the working storage of a gateway * * Access Level: Read * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeWorkingStorage.html */ toDescribeWorkingStorage(): this; /** * Grants permission to disconnect a volume from an iSCSI connection and then detaches the volume from the specified gateway * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DetachVolume.html */ toDetachVolume(): this; /** * Grants permission to disable a gateway when the gateway is no longer functioning * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DisableGateway.html */ toDisableGateway(): this; /** * Grants permission to disassociate an Amazon FSx file system from an Amazon FSx file gateway * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DisassociateFileSystem.html */ toDisassociateFileSystem(): this; /** * Grants permission to clean a share's cache of file entries that are failing upload to Amazon S3 * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_EvictFilesFailingUpload.html */ toEvictFilesFailingUpload(): this; /** * Grants permission to enable you to join an Active Directory Domain * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_JoinDomain.html */ toJoinDomain(): this; /** * Grants permission to list the automatic tape creation policies configured on the specified gateway-VTL or all gateway-VTLs owned by your AWS account * * Access Level: List * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListAutomaticTapeCreationPolicies.html */ toListAutomaticTapeCreationPolicies(): this; /** * Grants permission to get a list of the cache reports owned by your AWS account * * Access Level: List * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListCacheReports.html */ toListCacheReports(): this; /** * Grants permission to get a list of the file shares for a specific file gateway, or the list of file shares owned by your AWS account * * Access Level: List * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListFileShares.html */ toListFileShares(): this; /** * Grants permission to get a list of the file system associations for the specified gateway * * Access Level: List * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListFileSystemAssociations.html */ toListFileSystemAssociations(): this; /** * Grants permission to list gateways owned by an AWS account in a region specified in the request. The returned list is ordered by gateway Amazon Resource Name (ARN) * * Access Level: List * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListGateways.html */ toListGateways(): this; /** * Grants permission to get a list of the gateway's local disks * * Access Level: List * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListLocalDisks.html */ toListLocalDisks(): this; /** * Grants permission to get the tags that have been added to the specified resource * * Access Level: List * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListTagsForResource.html */ toListTagsForResource(): this; /** * Grants permission to list tape pools owned by your AWS account * * Access Level: List * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListTapePools.html */ toListTapePools(): this; /** * Grants permission to list virtual tapes in your virtual tape library (VTL) and your virtual tape shelf (VTS) * * Access Level: List * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListTapes.html */ toListTapes(): this; /** * Grants permission to list iSCSI initiators that are connected to a volume * * Access Level: List * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListVolumeInitiators.html */ toListVolumeInitiators(): this; /** * Grants permission to list the recovery points for a specified gateway * * Access Level: List * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListVolumeRecoveryPoints.html */ toListVolumeRecoveryPoints(): this; /** * Grants permission to list the iSCSI stored volumes of a gateway * * Access Level: List * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListVolumes.html */ toListVolumes(): this; /** * Grants permission to send you a notification through CloudWatch Events when all files written to your NFS file share have been uploaded to Amazon S3 * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_NotifyWhenUploaded.html */ toNotifyWhenUploaded(): this; /** * Grants permission to refresh the cache for the specified file share * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_RefreshCache.html */ toRefreshCache(): this; /** * Grants permission to remove one or more tags from the specified resource * * Access Level: Tagging * * Possible conditions: * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_RemoveTagsFromResource.html */ toRemoveTagsFromResource(): this; /** * Grants permission to reset all cache disks that have encountered a error and makes the disks available for reconfiguration as cache storage * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ResetCache.html */ toResetCache(): this; /** * Grants permission to retrieve an archived virtual tape from the virtual tape shelf (VTS) to a gateway-VTL * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_RetrieveTapeArchive.html */ toRetrieveTapeArchive(): this; /** * Grants permission to retrieve the recovery point for the specified virtual tape * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_RetrieveTapeRecoveryPoint.html */ toRetrieveTapeRecoveryPoint(): this; /** * Grants permission to set the password for your VM local console * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_SetLocalConsolePassword.html */ toSetLocalConsolePassword(): this; /** * Grants permission to set the password for SMB Guest user * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_SetSMBGuestPassword.html */ toSetSMBGuestPassword(): this; /** * Grants permission to shut down a gateway * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ShutdownGateway.html */ toShutdownGateway(): this; /** * Grants permission to start a test that verifies that the specified gateway is configured for High Availability monitoring in your host environment * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_StartAvailabilityMonitorTest.html */ toStartAvailabilityMonitorTest(): this; /** * Grants permission to start a cache report for an existing file share * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_StartCacheReport.html */ toStartCacheReport(): this; /** * Grants permission to start a gateway that you previously shut down * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_StartGateway.html */ toStartGateway(): this; /** * Grants permission to update the automatic tape creation policy configured on a gateway-VTL * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateAutomaticTapeCreationPolicy.html */ toUpdateAutomaticTapeCreationPolicy(): this; /** * Grants permission to update the bandwidth rate limits of a gateway * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateBandwidthRateLimit.html */ toUpdateBandwidthRateLimit(): this; /** * Grants permission to update the bandwidth rate limit schedule of a gateway * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateBandwidthRateLimitSchedule.html */ toUpdateBandwidthRateLimitSchedule(): this; /** * Grants permission to update the Challenge-Handshake Authentication Protocol (CHAP) credentials for a specified iSCSI target * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateChapCredentials.html */ toUpdateChapCredentials(): this; /** * Grants permission to update a file system association * * Access Level: Write * * Dependent actions: * - logs:CreateLogDelivery * - logs:DeleteLogDelivery * - logs:GetLogDelivery * - logs:ListLogDeliveries * - logs:UpdateLogDelivery * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateFileSystemAssociation.html */ toUpdateFileSystemAssociation(): this; /** * Grants permission to update a gateway's metadata, which includes the gateway's name and time zone * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateGatewayInformation.html */ toUpdateGatewayInformation(): this; /** * Grants permission to update the gateway virtual machine (VM) software * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateGatewaySoftwareNow.html */ toUpdateGatewaySoftwareNow(): this; /** * Grants permission to update a gateway's weekly maintenance start time information, including day and time of the week. The maintenance time is the time in your gateway's time zone * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateMaintenanceStartTime.html */ toUpdateMaintenanceStartTime(): this; /** * Grants permission to update a NFS file share * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateNFSFileShare.html */ toUpdateNFSFileShare(): this; /** * Grants permission to update a SMB file share * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateSMBFileShare.html */ toUpdateSMBFileShare(): this; /** * Grants permission to update whether the shares on a gateway are visible in a net view or browse list * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateSMBFileShareVisibility.html */ toUpdateSMBFileShareVisibility(): this; /** * Grants permission to update the list of Active Directory users and groups that have special permissions for SMB file shares on the gateway * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateSMBLocalGroups.html */ toUpdateSMBLocalGroups(): this; /** * Grants permission to update the SMB security strategy on a file gateway * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateSMBSecurityStrategy.html */ toUpdateSMBSecurityStrategy(): this; /** * Grants permission to update a snapshot schedule configured for a gateway volume * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateSnapshotSchedule.html */ toUpdateSnapshotSchedule(): this; /** * Grants permission to update the type of medium changer in a gateway-VTL * * Access Level: Write * * https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateVTLDeviceType.html */ toUpdateVTLDeviceType(): this; protected accessLevelList: AccessLevelList; /** * Adds a resource of type cache-report to the statement * * https://docs.aws.amazon.com/filegateway/latest/files3/cache-report.html * * @param shareId - Identifier for the shareId. * @param cacheReportId - Identifier for the cacheReportId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onCacheReport(shareId: string, cacheReportId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type device to the statement * * https://docs.aws.amazon.com/storagegateway/latest/userguide/resource_vtl-devices.html * * @param gatewayId - Identifier for the gatewayId. * @param vtldevice - Identifier for the vtldevice. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. */ onDevice(gatewayId: string, vtldevice: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type fs-association to the statement * * https://docs.aws.amazon.com/filegateway/latest/filefsxw/attach-fsxw-filesystem.html * * @param fsaId - Identifier for the fsaId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onFsAssociation(fsaId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type gateway to the statement * * https://docs.aws.amazon.com/storagegateway/latest/userguide/StorageGatewayConcepts.html * * @param gatewayId - Identifier for the gatewayId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onGateway(gatewayId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type share to the statement * * https://docs.aws.amazon.com/storagegateway/latest/userguide/GettingStartedCreateFileShare.html * * @param shareId - Identifier for the shareId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onShare(shareId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type tape to the statement * * https://docs.aws.amazon.com/storagegateway/latest/userguide/StorageGatewayConcepts.html#storage-gateway-vtl-concepts * * @param tapeBarcode - Identifier for the tapeBarcode. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onTape(tapeBarcode: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type tapepool to the statement * * https://docs.aws.amazon.com/storagegateway/latest/userguide/CreatingCustomTapePool.html * * @param poolId - Identifier for the poolId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onTapepool(poolId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type target to the statement * * https://docs.aws.amazon.com/storagegateway/latest/userguide/GettingStartedCreateVolumes.html * * @param gatewayId - Identifier for the gatewayId. * @param iscsiTarget - Identifier for the iscsiTarget. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. */ onTarget(gatewayId: string, iscsiTarget: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type volume to the statement * * https://docs.aws.amazon.com/storagegateway/latest/userguide/StorageGatewayConcepts.html#volume-gateway-concepts * * @param gatewayId - Identifier for the gatewayId. * @param volumeId - Identifier for the volumeId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onVolume(gatewayId: string, volumeId: string, account?: string, region?: string, partition?: string): this; /** * Filters access by the allowed set of values for each of the tags * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag * * Applies to actions: * - .toActivateGateway() * - .toAddTagsToResource() * - .toAssociateFileSystem() * - .toCreateCachediSCSIVolume() * - .toCreateNFSFileShare() * - .toCreateSMBFileShare() * - .toCreateSnapshot() * - .toCreateSnapshotFromVolumeRecoveryPoint() * - .toCreateStorediSCSIVolume() * - .toCreateTapePool() * - .toCreateTapeWithBarcode() * - .toCreateTapes() * - .toStartCacheReport() * - .toUpdateSnapshotSchedule() * * @param tagKey The tag key to check * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsRequestTag(tagKey: string, value: string | string[], operator?: Operator | string): this; /** * Filters access by tag-value associated with the resource * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag * * Applies to resource types: * - cache-report * - fs-association * - gateway * - share * - tape * - tapepool * - volume * * @param tagKey The tag key to check * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsResourceTag(tagKey: string, value: string | string[], operator?: Operator | string): this; /** * Filters access by the presence of mandatory tags in the request * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys * * Applies to actions: * - .toActivateGateway() * - .toAddTagsToResource() * - .toAssociateFileSystem() * - .toCreateCachediSCSIVolume() * - .toCreateNFSFileShare() * - .toCreateSMBFileShare() * - .toCreateSnapshot() * - .toCreateSnapshotFromVolumeRecoveryPoint() * - .toCreateStorediSCSIVolume() * - .toCreateTapePool() * - .toCreateTapeWithBarcode() * - .toCreateTapes() * - .toRemoveTagsFromResource() * - .toStartCacheReport() * - .toUpdateSnapshotSchedule() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsTagKeys(value: string | string[], operator?: Operator | string): this; /** * Statement provider for service [storagegateway](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsstoragegateway.html). * */ constructor(props?: iam.PolicyStatementProps); }