iam-floyd

import { AccessLevelList } from '../../shared/access-level'; import { PolicyStatement, Operator } from '../../shared'; /** * Statement provider for service [codeconnections](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscodeconnections.html). * * @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement */ export declare class Codeconnections extends PolicyStatement { servicePrefix: string; /** * Statement provider for service [codeconnections](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscodeconnections.html). * * @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement */ constructor(sid?: string); /** * Grants permission to create a Connection resource * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * - .ifProviderType() * * https://docs.aws.amazon.com/codeconnections/latest/APIReference/API_CreateConnection.html */ toCreateConnection(): this; /** * Grants permission to create a host resource * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * - .ifProviderType() * - .ifVpcId() * * https://docs.aws.amazon.com/codeconnections/latest/APIReference/API_CreateHost.html */ toCreateHost(): this; /** * Grants permission to create a repository link * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * Dependent actions: * - codeconnections:PassConnection * - codeconnections:UseConnection * * https://docs.aws.amazon.com/codeconnections/latest/APIReference/API_CreateRepositoryLink.html */ toCreateRepositoryLink(): this; /** * Grants permission to create a template sync config * * Access Level: Write * * Possible conditions: * - .ifBranch() * * Dependent actions: * - codeconnections:PassRepository * - iam:PassRole * * https://docs.aws.amazon.com/codeconnections/latest/APIReference/API_CreateSyncConfiguration.html */ toCreateSyncConfiguration(): this; /** * Grants permission to delete a Connection resource * * Access Level: Write * * https://docs.aws.amazon.com/codeconnections/latest/APIReference/API_DeleteConnection.html */ toDeleteConnection(): this; /** * Grants permission to delete a host resource * * Access Level: Write * * https://docs.aws.amazon.com/codeconnections/latest/APIReference/API_DeleteHost.html */ toDeleteHost(): this; /** * Grants permission to delete a repository link * * Access Level: Write * * https://docs.aws.amazon.com/codeconnections/latest/APIReference/API_DeleteRepositoryLink.html */ toDeleteRepositoryLink(): this; /** * Grants permission to delete a sync configuration * * Access Level: Write * * https://docs.aws.amazon.com/codeconnections/latest/APIReference/API_DeleteSyncConfiguration.html */ toDeleteSyncConfiguration(): this; /** * Grants permission to get details about a Connection resource * * Access Level: Read * * https://docs.aws.amazon.com/codeconnections/latest/APIReference/API_GetConnection.html */ toGetConnection(): this; /** * Grants permission to get a Connection token to call provider actions * * Access Level: Read * * https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-getconnectiontoken */ toGetConnectionToken(): this; /** * Grants permission to get details about a host resource * * Access Level: Read * * https://docs.aws.amazon.com/codeconnections/latest/APIReference/API_GetHost.html */ toGetHost(): this; /** * Grants permission to associate a third party, such as a Bitbucket App installation, with a Connection * * Access Level: Read * * Possible conditions: * - .ifProviderType() * * Dependent actions: * - codeconnections:StartOAuthHandshake * * https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-handshake */ toGetIndividualAccessToken(): this; /** * Grants permission to associate a third party, such as a Bitbucket App installation, with a Connection * * Access Level: Read * * Possible conditions: * - .ifProviderType() * * https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-handshake */ toGetInstallationUrl(): this; /** * Grants permission to describe a repository link * * Access Level: Read * * https://docs.aws.amazon.com/codeconnections/latest/APIReference/API_GetRepositoryLink.html */ toGetRepositoryLink(): this; /** * Grants permission to get the latest sync status for a repository * * Access Level: Read * * Possible conditions: * - .ifBranch() * * https://docs.aws.amazon.com/codeconnections/latest/APIReference/API_GetRepositorySyncStatus.html */ toGetRepositorySyncStatus(): this; /** * Grants permission to get the latest sync status for a resource (cfn stack or other resources) * * Access Level: Read * * https://docs.aws.amazon.com/codeconnections/latest/APIReference/API_GetResourceSyncStatus.html */ toGetResourceSyncStatus(): this; /** * Grants permission to describe service sync blockers on a resource (cfn stack or other resources) * * Access Level: Read * * https://docs.aws.amazon.com/codeconnections/latest/APIReference/API_GetSyncBlockerSummary.html */ toGetSyncBlockerSummary(): this; /** * Grants permission to describe a sync configuration * * Access Level: Read * * https://docs.aws.amazon.com/codeconnections/latest/APIReference/API_GetSyncConfiguration.html */ toGetSyncConfiguration(): this; /** * Grants permission to list Connection resources * * Access Level: List * * Possible conditions: * - .ifProviderTypeFilter() * * https://docs.aws.amazon.com/codeconnections/latest/APIReference/API_ListConnections.html */ toListConnections(): this; /** * Grants permission to list host resources * * Access Level: List * * Possible conditions: * - .ifProviderTypeFilter() * * https://docs.aws.amazon.com/codeconnections/latest/APIReference/API_ListHosts.html */ toListHosts(): this; /** * Grants permission to associate a third party, such as a Bitbucket App installation, with a Connection * * Access Level: List * * Dependent actions: * - codeconnections:GetIndividualAccessToken * - codeconnections:StartOAuthHandshake * * https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-handshake */ toListInstallationTargets(): this; /** * Grants permission to list repository links * * Access Level: List * * https://docs.aws.amazon.com/codeconnections/latest/APIReference/API_ListRepositoryLinks.html */ toListRepositoryLinks(): this; /** * Grants permission to list repository sync definitions * * Access Level: List * * https://docs.aws.amazon.com/codeconnections/latest/APIReference/API_ListRepositorySyncDefinitions.html */ toListRepositorySyncDefinitions(): this; /** * Grants permission to list sync configurations for a repository link * * Access Level: List * * https://docs.aws.amazon.com/codeconnections/latest/APIReference/API_ListSyncConfigurations.html */ toListSyncConfigurations(): this; /** * Grants permission to the set of key-value pairs that are used to manage the resource * * Access Level: List * * https://docs.aws.amazon.com/codeconnections/latest/APIReference/API_ListTagsForResource.html */ toListTagsForResource(): this; /** * Grants permission to pass a Connection resource to an AWS service that accepts a Connection ARN as input, such as codepipeline:CreatePipeline * * Access Level: Read * * Possible conditions: * - .ifPassedToService() * * https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-passconnection */ toPassConnection(): this; /** * Grants permission to pass a repository link resource to an AWS service that accepts a RepositoryLinkId as input, such as codeconnections:CreateSyncConfiguration * * Access Level: Read * * Possible conditions: * - .ifPassedToService() * * https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-passrepository */ toPassRepository(): this; /** * Grants permission to associate a third party server, such as a GitHub Enterprise Server instance, with a Host * * Access Level: Read * * Possible conditions: * - .ifHostArn() * * https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#connections-permissions-actions-host-registration */ toRegisterAppCode(): this; /** * Grants permission to associate a third party server, such as a GitHub Enterprise Server instance, with a Host * * Access Level: Read * * Possible conditions: * - .ifHostArn() * * https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#connections-permissions-actions-host-registration */ toStartAppRegistrationHandshake(): this; /** * Grants permission to associate a third party, such as a Bitbucket App installation, with a Connection * * Access Level: Read * * Possible conditions: * - .ifProviderType() * * https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-handshake */ toStartOAuthHandshake(): this; /** * Grants permission to add or modify the tags of the given resource * * Access Level: Tagging * * Possible conditions: * - .ifAwsTagKeys() * - .ifAwsRequestTag() * * https://docs.aws.amazon.com/codeconnections/latest/APIReference/API_TagResource.html */ toTagResource(): this; /** * Grants permission to remove tags from an AWS resource * * Access Level: Tagging * * Possible conditions: * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/codeconnections/latest/APIReference/API_UntagResource.html */ toUntagResource(): this; /** * Grants permission to update a Connection resource with an installation of the CodeStar Connections App * * Access Level: Write * * Possible conditions: * - .ifInstallationId() * * Dependent actions: * - codeconnections:GetIndividualAccessToken * - codeconnections:GetInstallationUrl * - codeconnections:ListInstallationTargets * - codeconnections:StartOAuthHandshake * * https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-handshake */ toUpdateConnectionInstallation(): this; /** * Grants permission to update a host resource * * Access Level: Write * * Possible conditions: * - .ifVpcId() * * https://docs.aws.amazon.com/codeconnections/latest/APIReference/API_UpdateHost.html */ toUpdateHost(): this; /** * Grants permission to update a repository link * * Access Level: Write * * https://docs.aws.amazon.com/codeconnections/latest/APIReference/API_UpdateRepositoryLink.html */ toUpdateRepositoryLink(): this; /** * Grants permission to update a sync blocker for a resource (cfn stack or other resources) * * Access Level: Write * * https://docs.aws.amazon.com/codeconnections/latest/APIReference/API_UpdateSyncBlocker.html */ toUpdateSyncBlocker(): this; /** * Grants permission to update a sync configuration * * Access Level: Write * * Possible conditions: * - .ifBranch() * * https://docs.aws.amazon.com/codeconnections/latest/APIReference/API_UpdateSyncConfiguration.html */ toUpdateSyncConfiguration(): this; /** * Grants permission to use a Connection resource to call provider actions * * Access Level: Read * * Possible conditions: * - .ifBranchName() * - .ifFullRepositoryId() * - .ifOwnerId() * - .ifProviderAction() * - .ifProviderPermissionsRequired() * - .ifRepositoryName() * * https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-use */ toUseConnection(): this; protected accessLevelList: AccessLevelList; /** * Adds a resource of type Connection to the statement * * https://docs.aws.amazon.com/dtconsole/latest/userguide/connections.html * * @param connectionId - Identifier for the connectionId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onConnection(connectionId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type Host to the statement * * https://docs.aws.amazon.com/dtconsole/latest/userguide/connections-hosts.html * * @param hostId - Identifier for the hostId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onHost(hostId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type RepositoryLink to the statement * * https://docs.aws.amazon.com/dtconsole/latest/userguide/repositorylinks.html * * @param repositoryLinkId - Identifier for the repositoryLinkId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onRepositoryLink(repositoryLinkId: string, account?: string, region?: string, partition?: string): this; /** * Filters access by the tags that are passed in the request * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag * * Applies to actions: * - .toCreateConnection() * - .toCreateHost() * - .toCreateRepositoryLink() * - .toTagResource() * * @param tagKey The tag key to check * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsRequestTag(tagKey: string, value: string | string[], operator?: Operator | string): this; /** * Filters access by the tags associated with the resource * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag * * Applies to resource types: * - Connection * - Host * - RepositoryLink * * @param tagKey The tag key to check * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsResourceTag(tagKey: string, value: string | string[], operator?: Operator | string): this; /** * Filters access by the tag keys that are passed in the request * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys * * Applies to actions: * - .toCreateConnection() * - .toCreateHost() * - .toCreateRepositoryLink() * - .toTagResource() * - .toUntagResource() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsTagKeys(value: string | string[], operator?: Operator | string): this; /** * Filters access by the branch name that is passed in the request * * https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-handshake * * Applies to actions: * - .toCreateSyncConfiguration() * - .toGetRepositorySyncStatus() * - .toUpdateSyncConfiguration() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifBranch(value: string | string[], operator?: Operator | string): this; /** * Filters access by the branch name that is passed in the request. Applies only to UseConnection requests for access to a specific repository branch * * https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-use * * Applies to actions: * - .toUseConnection() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifBranchName(value: string | string[], operator?: Operator | string): this; /** * Filters access by the repository that is passed in the request. Applies only to UseConnection requests for access to a specific repository * * https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-use * * Applies to actions: * - .toUseConnection() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifFullRepositoryId(value: string | string[], operator?: Operator | string): this; /** * Filters access by the host resource associated with the connection used in the request * * https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-hosts * * Applies to actions: * - .toRegisterAppCode() * - .toStartAppRegistrationHandshake() * * @param value The value(s) to check * @param operator Works with [arn operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_ARN). **Default:** `ArnLike` */ ifHostArn(value: string | string[], operator?: Operator | string): this; /** * Filters access by the third-party ID (such as the Bitbucket App installation ID for CodeConnections) that is used to update a Connection. Allows you to restrict which third-party App installations can be used to make a Connection * * https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-handshake * * Applies to actions: * - .toUpdateConnectionInstallation() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifInstallationId(value: string | string[], operator?: Operator | string): this; /** * Filters access by the owner of the third-party repository. Applies only to UseConnection requests for access to repositories owned by a specific user * * https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-use * * Applies to actions: * - .toUseConnection() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifOwnerId(value: string | string[], operator?: Operator | string): this; /** * Filters access by the service to which the principal is allowed to pass a Connection or RepositoryLink * * https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-passconnection * * Applies to actions: * - .toPassConnection() * - .toPassRepository() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifPassedToService(value: string | string[], operator?: Operator | string): this; /** * Filters access by the provider action in a UseConnection request such as ListRepositories. See documentation for all valid values * * https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-access * * Applies to actions: * - .toUseConnection() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifProviderAction(value: string | string[], operator?: Operator | string): this; /** * Filters access by the write permissions of a provider action in a UseConnection request. Valid types include read_only and read_write * * https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-use * * Applies to actions: * - .toUseConnection() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifProviderPermissionsRequired(value: string | string[], operator?: Operator | string): this; /** * Filters access by the type of third-party provider passed in the request * * https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-managing * * Applies to actions: * - .toCreateConnection() * - .toCreateHost() * - .toGetIndividualAccessToken() * - .toGetInstallationUrl() * - .toStartOAuthHandshake() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifProviderType(value: string | string[], operator?: Operator | string): this; /** * Filters access by the type of third-party provider used to filter results * * https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-managing * * Applies to actions: * - .toListConnections() * - .toListHosts() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifProviderTypeFilter(value: string | string[], operator?: Operator | string): this; /** * Filters access by the repository name that is passed in the request. Applies only to UseConnection requests for access to repositories owned by a specific user * * https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-use * * Applies to actions: * - .toUseConnection() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifRepositoryName(value: string | string[], operator?: Operator | string): this; /** * Filters access by the VpcId passed in the request * * https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-hosts * * Applies to actions: * - .toCreateHost() * - .toUpdateHost() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifVpcId(value: string | string[], operator?: Operator | string): this; }