cdk-iam-floyd
Version:
AWS IAM policy statement generator with fluent interface for AWS CDK
472 lines (471 loc) • 15.3 kB
TypeScript
import { AccessLevelList } from '../../shared/access-level';
import { PolicyStatement, Operator } from '../../shared';
import { aws_iam as iam } from "aws-cdk-lib";
/**
* Statement provider for service [wickr](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awswickr.html).
*
* @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement
*/
export declare class Wickr extends PolicyStatement {
servicePrefix: string;
/**
* Grants permission to batch create users in a Wickr network
*
* Access Level: Write
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toBatchCreateUser(): this;
/**
* Grants permission to batch delete users from a Wickr network
*
* Access Level: Write
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toBatchDeleteUser(): this;
/**
* Grants permission to batch lookup user unames in a Wickr network
*
* Access Level: Read
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toBatchLookupUserUname(): this;
/**
* Grants permission to batch reinvite users in a Wickr network
*
* Access Level: Write
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toBatchReinviteUser(): this;
/**
* Grants permission to batch reset devices for a user in a Wickr network
*
* Access Level: Write
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toBatchResetDevicesForUser(): this;
/**
* Grants permission to batch toggle user suspend status in a Wickr network
*
* Access Level: Write
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toBatchToggleUserSuspendStatus(): this;
/**
* Grants permission to create and manage Wickr networks
*
* Access Level: Write
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toCreateAdminSession(): this;
/**
* Grants permission to create a bot in a Wickr network
*
* Access Level: Write
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toCreateBot(): this;
/**
* Grants permission to create a data retention bot in a Wickr network
*
* Access Level: Write
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toCreateDataRetentionBot(): this;
/**
* Grants permission to create a data retention bot challenge in a Wickr network
*
* Access Level: Write
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toCreateDataRetentionBotChallenge(): this;
/**
* Grants permission to create a new Wickr network
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toCreateNetwork(): this;
/**
* Grants permission to create a security group in a Wickr network
*
* Access Level: Write
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toCreateSecurityGroup(): this;
/**
* Grants permission to delete a bot from a Wickr network
*
* Access Level: Write
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toDeleteBot(): this;
/**
* Grants permission to delete a data retention bot from a Wickr network
*
* Access Level: Write
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toDeleteDataRetentionBot(): this;
/**
* Grants permission to delete Wickr networks
*
* Access Level: Write
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toDeleteNetwork(): this;
/**
* Grants permission to delete a security group from a Wickr network
*
* Access Level: Write
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toDeleteSecurityGroup(): this;
/**
* Grants permission to get bot information in a Wickr network
*
* Access Level: Read
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toGetBot(): this;
/**
* Grants permission to get bot count for a Wickr network
*
* Access Level: Read
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toGetBotsCount(): this;
/**
* Grants permission to get data retention bot information in a Wickr network
*
* Access Level: Read
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toGetDataRetentionBot(): this;
/**
* Grants permission to get guest user history count for a Wickr network
*
* Access Level: Read
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toGetGuestUserHistoryCount(): this;
/**
* Grants permission to get details of a Wickr network
*
* Access Level: Read
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toGetNetwork(): this;
/**
* Grants permission to get network settings for a Wickr network
*
* Access Level: Read
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toGetNetworkSettings(): this;
/**
* Grants permission to get OIDC information for a Wickr network
*
* Access Level: Read
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toGetOidcInfo(): this;
/**
* Grants permission to retrieve the OpenTDF integration configuration for a Wickr network
*
* Access Level: Read
*
* https://docs.aws.amazon.com/wickr/latest/APIReference/API_GetOpentdfConfig.html
*/
toGetOpentdfConfig(): this;
/**
* Grants permission to get security group information in a Wickr network
*
* Access Level: Read
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toGetSecurityGroup(): this;
/**
* Grants permission to get information about a user in a Wickr network
*
* Access Level: Read
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toGetUser(): this;
/**
* Grants permission to get user count for a Wickr network
*
* Access Level: Read
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toGetUsersCount(): this;
/**
* Grants permission to list blocked guest users in a Wickr network
*
* Access Level: Read
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toListBlockedGuestUsers(): this;
/**
* Grants permission to list bots in a Wickr network
*
* Access Level: Read
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toListBots(): this;
/**
* Grants permission to list devices for a user in a Wickr network
*
* Access Level: Read
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toListDevicesForUser(): this;
/**
* Grants permission to list guest users in a Wickr network
*
* Access Level: Read
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toListGuestUsers(): this;
/**
* Grants permission to list Wickr networks
*
* Access Level: Read
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toListNetworks(): this;
/**
* Grants permission to list users in a security group in a Wickr network
*
* Access Level: Read
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toListSecurityGroupUsers(): this;
/**
* Grants permission to list security groups in a Wickr network
*
* Access Level: Read
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toListSecurityGroups(): this;
/**
* Grants permission to list the tags applied to a Wickr resource
*
* Access Level: Read
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toListTagsForResource(): this;
/**
* Grants permission to list users in a Wickr network
*
* Access Level: Read
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toListUsers(): this;
/**
* Grants permission to register OIDC configuration for a Wickr network
*
* Access Level: Write
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toRegisterOidcConfig(): this;
/**
* Grants permission to test OIDC configuration for a Wickr network
*
* Access Level: Write
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toRegisterOidcConfigTest(): this;
/**
* Grants permission to register and save OpenTDF integration configuration for a Wickr network
*
* Access Level: Write
*
* https://docs.aws.amazon.com/wickr/latest/APIReference/API_RegisterOpentdfConfig.html
*/
toRegisterOpentdfConfig(): this;
/**
* Grants permission to add tags to a specified Wickr resource
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAwsTagKeys()
* - .ifAwsRequestTag()
* - .ifAwsResourceTag()
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toTagResource(): this;
/**
* Grants permission to untag the specified tags from the specified Wickr resource
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toUntagResource(): this;
/**
* Grants permission to update a bot in a Wickr network
*
* Access Level: Write
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toUpdateBot(): this;
/**
* Grants permission to update data retention settings in a Wickr network
*
* Access Level: Write
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toUpdateDataRetention(): this;
/**
* Grants permission to update guest user status in a Wickr network
*
* Access Level: Write
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toUpdateGuestUser(): this;
/**
* Grants permission to update Wickr network details
*
* Access Level: Write
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toUpdateNetworkDetails(): this;
/**
* Grants permission to update network settings for a Wickr network
*
* Access Level: Write
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toUpdateNetworkSettings(): this;
/**
* Grants permission to update a security group in a Wickr network
*
* Access Level: Write
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toUpdateSecurityGroup(): this;
/**
* Grants permission to update user information in a Wickr network
*
* Access Level: Write
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html
*/
toUpdateUser(): this;
protected accessLevelList: AccessLevelList;
/**
* Adds a resource of type network to the statement
*
* https://docs.aws.amazon.com/wickr/latest/adminguide/
*
* @param networkId - Identifier for the networkId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onNetwork(networkId: string, account?: string, region?: string, partition?: string): this;
/**
* Filters access by a tag's key and value in a request
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag
*
* Applies to actions:
* - .toCreateNetwork()
* - .toTagResource()
*
* @param tagKey The tag key to check
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsRequestTag(tagKey: string, value: string | string[], operator?: Operator | string): this;
/**
* Filters access by the tag key-value pairs attached to the resource
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag
*
* Applies to actions:
* - .toTagResource()
*
* Applies to resource types:
* - network
*
* @param tagKey The tag key to check
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsResourceTag(tagKey: string, value: string | string[], operator?: Operator | string): this;
/**
* Filters access by the tag keys in a request
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys
*
* Applies to actions:
* - .toCreateNetwork()
* - .toTagResource()
* - .toUntagResource()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsTagKeys(value: string | string[], operator?: Operator | string): this;
/**
* Statement provider for service [wickr](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awswickr.html).
*
*/
constructor(props?: iam.PolicyStatementProps);
}