iam-floyd
Version:
AWS IAM policy statement generator with fluent interface
1,131 lines • 117 kB
JavaScript
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.Events = void 0;
const shared_1 = require("../../shared");
/**
* Statement provider for service [events](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoneventbridge.html).
*
* @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement
*/
class Events extends shared_1.PolicyStatement {
/**
* Statement provider for service [events](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoneventbridge.html).
*
* @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement
*/
constructor(sid) {
super(sid);
this.servicePrefix = 'events';
this.accessLevelList = {
Write: [
'ActivateEventSource',
'CancelReplay',
'CreateApiDestination',
'CreateArchive',
'CreateConnection',
'CreateEndpoint',
'CreateEventBus',
'CreatePartnerEventSource',
'DeactivateEventSource',
'DeauthorizeConnection',
'DeleteApiDestination',
'DeleteArchive',
'DeleteConnection',
'DeleteEndpoint',
'DeleteEventBus',
'DeletePartnerEventSource',
'DeleteRule',
'DisableRule',
'EnableRule',
'InvokeApiDestination',
'PutEvents',
'PutPartnerEvents',
'PutRule',
'PutTargets',
'RemoveTargets',
'RetrieveConnectionCredentials',
'StartReplay',
'UpdateApiDestination',
'UpdateArchive',
'UpdateConnection',
'UpdateEndpoint',
'UpdateEventBus'
],
Read: [
'DescribeApiDestination',
'DescribeArchive',
'DescribeConnection',
'DescribeEndpoint',
'DescribeEventBus',
'DescribeEventSource',
'DescribePartnerEventSource',
'DescribeReplay',
'DescribeRule',
'TestEventPattern'
],
List: [
'ListApiDestinations',
'ListArchives',
'ListConnections',
'ListEndpoints',
'ListEventBuses',
'ListEventSources',
'ListPartnerEventSourceAccounts',
'ListPartnerEventSources',
'ListReplays',
'ListRuleNamesByTarget',
'ListRules',
'ListTagsForResource',
'ListTargetsByRule'
],
'Permissions management': [
'PutPermission',
'RemovePermission'
],
Tagging: [
'TagResource',
'UntagResource'
]
};
}
/**
* Grants permission to activate partner event sources
*
* Access Level: Write
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ActivateEventSource.html
*/
toActivateEventSource() {
return this.to('ActivateEventSource');
}
/**
* Grants permission to cancel a replay
*
* Access Level: Write
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_CancelReplay.html
*/
toCancelReplay() {
return this.to('CancelReplay');
}
/**
* Grants permission to create a new api destination
*
* Access Level: Write
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_CreateApiDestination.html
*/
toCreateApiDestination() {
return this.to('CreateApiDestination');
}
/**
* Grants permission to create a new archive
*
* Access Level: Write
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_CreateArchive.html
*/
toCreateArchive() {
return this.to('CreateArchive');
}
/**
* Grants permission to create a new connection
*
* Access Level: Write
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_CreateConnection.html
*/
toCreateConnection() {
return this.to('CreateConnection');
}
/**
* Grants permission to create an endpoint
*
* Access Level: Write
*
* Possible conditions:
* - .ifEventBusArn()
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_CreateEndpoint.html
*/
toCreateEndpoint() {
return this.to('CreateEndpoint');
}
/**
* Grants permission to create event buses
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_CreateEventBus.html
*/
toCreateEventBus() {
return this.to('CreateEventBus');
}
/**
* Grants permission to create partner event sources
*
* Access Level: Write
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_CreatePartnerEventSource.html
*/
toCreatePartnerEventSource() {
return this.to('CreatePartnerEventSource');
}
/**
* Grants permission to deactivate event sources
*
* Access Level: Write
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DeactivateEventSource.html
*/
toDeactivateEventSource() {
return this.to('DeactivateEventSource');
}
/**
* Grants permission to deauthorize a connection, deleting its stored authorization secrets
*
* Access Level: Write
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DeauthorizeConnection.html
*/
toDeauthorizeConnection() {
return this.to('DeauthorizeConnection');
}
/**
* Grants permission to delete an api destination
*
* Access Level: Write
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DeleteApiDestination.html
*/
toDeleteApiDestination() {
return this.to('DeleteApiDestination');
}
/**
* Grants permission to delete an archive
*
* Access Level: Write
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DeleteArchive.html
*/
toDeleteArchive() {
return this.to('DeleteArchive');
}
/**
* Grants permission to delete a connection
*
* Access Level: Write
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DeleteConnection.html
*/
toDeleteConnection() {
return this.to('DeleteConnection');
}
/**
* Grants permission to delete an endpoint
*
* Access Level: Write
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DeleteEndpoint.html
*/
toDeleteEndpoint() {
return this.to('DeleteEndpoint');
}
/**
* Grants permission to delete event buses
*
* Access Level: Write
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DeleteEventBus.html
*/
toDeleteEventBus() {
return this.to('DeleteEventBus');
}
/**
* Grants permission to delete partner event sources
*
* Access Level: Write
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DeletePartnerEventSource.html
*/
toDeletePartnerEventSource() {
return this.to('DeletePartnerEventSource');
}
/**
* Grants permission to delete rules
*
* Access Level: Write
*
* Possible conditions:
* - .ifCreatorAccount()
* - .ifManagedBy()
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DeleteRule.html
*/
toDeleteRule() {
return this.to('DeleteRule');
}
/**
* Grants permission to retrieve details about an api destination
*
* Access Level: Read
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DescribeApiDestination.html
*/
toDescribeApiDestination() {
return this.to('DescribeApiDestination');
}
/**
* Grants permission to retrieve details about an archive
*
* Access Level: Read
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DescribeArchive.html
*/
toDescribeArchive() {
return this.to('DescribeArchive');
}
/**
* Grants permission to retrieve details about a conection
*
* Access Level: Read
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DescribeConnection.html
*/
toDescribeConnection() {
return this.to('DescribeConnection');
}
/**
* Grants permission to retrieve details about an endpoint
*
* Access Level: Read
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DescribeEndpoint.html
*/
toDescribeEndpoint() {
return this.to('DescribeEndpoint');
}
/**
* Grants permission to retrieve details about event buses
*
* Access Level: Read
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DescribeEventBus.html
*/
toDescribeEventBus() {
return this.to('DescribeEventBus');
}
/**
* Grants permission to retrieve details about event sources
*
* Access Level: Read
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DescribeEventSource.html
*/
toDescribeEventSource() {
return this.to('DescribeEventSource');
}
/**
* Grants permission to retrieve details about partner event sources
*
* Access Level: Read
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DescribePartnerEventSource.html
*/
toDescribePartnerEventSource() {
return this.to('DescribePartnerEventSource');
}
/**
* Grants permission to retrieve the details of a replay
*
* Access Level: Read
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DescribeReplay.html
*/
toDescribeReplay() {
return this.to('DescribeReplay');
}
/**
* Grants permission to retrieve details about rules
*
* Access Level: Read
*
* Possible conditions:
* - .ifCreatorAccount()
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DescribeRule.html
*/
toDescribeRule() {
return this.to('DescribeRule');
}
/**
* Grants permission to disable rules
*
* Access Level: Write
*
* Possible conditions:
* - .ifCreatorAccount()
* - .ifManagedBy()
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DisableRule.html
*/
toDisableRule() {
return this.to('DisableRule');
}
/**
* Grants permission to enable rules
*
* Access Level: Write
*
* Possible conditions:
* - .ifCreatorAccount()
* - .ifManagedBy()
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_EnableRule.html
*/
toEnableRule() {
return this.to('EnableRule');
}
/**
* Grants permission to invoke an api destination
*
* Access Level: Write
*
* https://docs.aws.amazon.com/eventbridge/latest/userguide/iam-identity-based-access-control-eventbridge.html
*/
toInvokeApiDestination() {
return this.to('InvokeApiDestination');
}
/**
* Grants permission to retrieve a list of api destinations
*
* Access Level: List
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListApiDestinations.html
*/
toListApiDestinations() {
return this.to('ListApiDestinations');
}
/**
* Grants permission to retrieve a list of archives
*
* Access Level: List
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListArchives.html
*/
toListArchives() {
return this.to('ListArchives');
}
/**
* Grants permission to retrieve a list of connections
*
* Access Level: List
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListConnections.html
*/
toListConnections() {
return this.to('ListConnections');
}
/**
* Grants permission to retrieve a list of endpoints
*
* Access Level: List
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListEndpoints.html
*/
toListEndpoints() {
return this.to('ListEndpoints');
}
/**
* Grants permission to retrieve a list of the event buses in your account
*
* Access Level: List
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListEventBuses.html
*/
toListEventBuses() {
return this.to('ListEventBuses');
}
/**
* Grants permission to to retrieve a list of event sources shared with this account
*
* Access Level: List
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListEventSources.html
*/
toListEventSources() {
return this.to('ListEventSources');
}
/**
* Grants permission to retrieve a list of AWS account IDs associated with an event source
*
* Access Level: List
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListPartnerEventSourceAccounts.html
*/
toListPartnerEventSourceAccounts() {
return this.to('ListPartnerEventSourceAccounts');
}
/**
* Grants permission to retrieve a list partner event sources
*
* Access Level: List
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListPartnerEventSources.html
*/
toListPartnerEventSources() {
return this.to('ListPartnerEventSources');
}
/**
* Grants permission to retrieve a list of replays
*
* Access Level: List
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListReplays.html
*/
toListReplays() {
return this.to('ListReplays');
}
/**
* Grants permission to retrieve a list of the names of the rules associated with a target
*
* Access Level: List
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListRuleNamesByTarget.html
*/
toListRuleNamesByTarget() {
return this.to('ListRuleNamesByTarget');
}
/**
* Grants permission to retrieve a list of the Amazon EventBridge rules in the account
*
* Access Level: List
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListRules.html
*/
toListRules() {
return this.to('ListRules');
}
/**
* Grants permission to retrieve a list of tags associated with an Amazon EventBridge resource
*
* Access Level: List
*
* Possible conditions:
* - .ifCreatorAccount()
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListTagsForResource.html
*/
toListTagsForResource() {
return this.to('ListTagsForResource');
}
/**
* Grants permission to retrieve a list of targets defined for a rule
*
* Access Level: List
*
* Possible conditions:
* - .ifCreatorAccount()
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListTargetsByRule.html
*/
toListTargetsByRule() {
return this.to('ListTargetsByRule');
}
/**
* Grants permission to send custom events to Amazon EventBridge
*
* Access Level: Write
*
* Possible conditions:
* - .ifDetailType()
* - .ifSource()
* - .ifEventBusInvocation()
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutEvents.html
*/
toPutEvents() {
return this.to('PutEvents');
}
/**
* Grants permission to sends custom events to Amazon EventBridge
*
* Access Level: Write
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutPartnerEvents.html
*/
toPutPartnerEvents() {
return this.to('PutPartnerEvents');
}
/**
* Grants permission to use the PutPermission action to grants permission to another AWS account to put events to your default event bus
*
* Access Level: Permissions management
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutPermission.html
*/
toPutPermission() {
return this.to('PutPermission');
}
/**
* Grants permission to create or updates rules
*
* Access Level: Write
*
* Possible conditions:
* - .ifDetailUserIdentityPrincipalId()
* - .ifDetailType()
* - .ifSource()
* - .ifDetailService()
* - .ifDetailEventTypeCode()
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifCreatorAccount()
* - .ifManagedBy()
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutRule.html
*/
toPutRule() {
return this.to('PutRule');
}
/**
* Grants permission to add targets to a rule
*
* Access Level: Write
*
* Possible conditions:
* - .ifTargetArn()
* - .ifCreatorAccount()
* - .ifManagedBy()
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutTargets.html
*/
toPutTargets() {
return this.to('PutTargets');
}
/**
* Grants permission to revoke the permission of another AWS account to put events to your default event bus
*
* Access Level: Permissions management
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_RemovePermission.html
*/
toRemovePermission() {
return this.to('RemovePermission');
}
/**
* Grants permission to removes targets from a rule
*
* Access Level: Write
*
* Possible conditions:
* - .ifCreatorAccount()
* - .ifManagedBy()
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_RemoveTargets.html
*/
toRemoveTargets() {
return this.to('RemoveTargets');
}
/**
* Grants permission to retrieve credentials from a connection
*
* Access Level: Write
*
* https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-api-destinations.html
*/
toRetrieveConnectionCredentials() {
return this.to('RetrieveConnectionCredentials');
}
/**
* Grants permission to start a replay of an archive
*
* Access Level: Write
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_StartReplay.html
*/
toStartReplay() {
return this.to('StartReplay');
}
/**
* Grants permission to add a tag to an Amazon EventBridge resource
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAwsTagKeys()
* - .ifAwsRequestTag()
* - .ifCreatorAccount()
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_TagResource.html
*/
toTagResource() {
return this.to('TagResource');
}
/**
* Grants permission to test whether an event pattern matches the provided event
*
* Access Level: Read
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_TestEventPattern.html
*/
toTestEventPattern() {
return this.to('TestEventPattern');
}
/**
* Grants permission to remove a tag from an Amazon EventBridge resource
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAwsTagKeys()
* - .ifCreatorAccount()
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_UntagResource.html
*/
toUntagResource() {
return this.to('UntagResource');
}
/**
* Grants permission to update an api destination
*
* Access Level: Write
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_UpdateApiDestination.html
*/
toUpdateApiDestination() {
return this.to('UpdateApiDestination');
}
/**
* Grants permission to update an archive
*
* Access Level: Write
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_UpdateArchive.html
*/
toUpdateArchive() {
return this.to('UpdateArchive');
}
/**
* Grants permission to update a connection
*
* Access Level: Write
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_UpdateConnection.html
*/
toUpdateConnection() {
return this.to('UpdateConnection');
}
/**
* Grants permission to update an endpoint
*
* Access Level: Write
*
* Possible conditions:
* - .ifEventBusArn()
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_UpdateEndpoint.html
*/
toUpdateEndpoint() {
return this.to('UpdateEndpoint');
}
/**
* Grants permission to update event buses
*
* Access Level: Write
*
* https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_UpdateEventBus.html
*/
toUpdateEventBus() {
return this.to('UpdateEventBus');
}
/**
* Adds a resource of type event-source to the statement
*
* https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-manage-iam-access.html#eventbridge-arn-format
*
* @param eventSourceName - Identifier for the eventSourceName.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*/
onEventSource(eventSourceName, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:events:${region ?? this.defaultRegion}::event-source/${eventSourceName}`);
}
/**
* Adds a resource of type event-bus to the statement
*
* https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-manage-iam-access.html#eventbridge-arn-format
*
* @param eventBusName - Identifier for the eventBusName.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onEventBus(eventBusName, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:events:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:event-bus/${eventBusName}`);
}
/**
* Adds a resource of type rule-on-default-event-bus to the statement
*
* https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-manage-iam-access.html#eventbridge-arn-format
*
* @param ruleName - Identifier for the ruleName.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onRuleOnDefaultEventBus(ruleName, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:events:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:rule/${ruleName}`);
}
/**
* Adds a resource of type rule-on-custom-event-bus to the statement
*
* https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-manage-iam-access.html#eventbridge-arn-format
*
* @param eventBusName - Identifier for the eventBusName.
* @param ruleName - Identifier for the ruleName.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onRuleOnCustomEventBus(eventBusName, ruleName, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:events:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:rule/${eventBusName}/${ruleName}`);
}
/**
* Adds a resource of type archive to the statement
*
* https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-manage-iam-access.html#eventbridge-arn-format
*
* @param archiveName - Identifier for the archiveName.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*/
onArchive(archiveName, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:events:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:archive/${archiveName}`);
}
/**
* Adds a resource of type replay to the statement
*
* https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-manage-iam-access.html#eventbridge-arn-format
*
* @param replayName - Identifier for the replayName.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*/
onReplay(replayName, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:events:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:replay/${replayName}`);
}
/**
* Adds a resource of type connection to the statement
*
* https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-manage-iam-access.html#eventbridge-arn-format
*
* @param connectionName - Identifier for the connectionName.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*/
onConnection(connectionName, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:events:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:connection/${connectionName}`);
}
/**
* Adds a resource of type api-destination to the statement
*
* https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-manage-iam-access.html#eventbridge-arn-format
*
* @param apiDestinationName - Identifier for the apiDestinationName.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*/
onApiDestination(apiDestinationName, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:events:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:api-destination/${apiDestinationName}`);
}
/**
* Adds a resource of type endpoint to the statement
*
* https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-manage-iam-access.html#eventbridge-arn-format
*
* @param endpointName - Identifier for the endpointName.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*/
onEndpoint(endpointName, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:events:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:endpoint/${endpointName}`);
}
/**
* Adds a resource of type create-snapshot to the statement
*
* https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-manage-iam-access.html#eventbridge-arn-format
*
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*/
onCreateSnapshot(account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:events:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:target/create-snapshot`);
}
/**
* Adds a resource of type reboot-instance to the statement
*
* https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-manage-iam-access.html#eventbridge-arn-format
*
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*/
onRebootInstance(account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:events:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:target/reboot-instance`);
}
/**
* Adds a resource of type stop-instance to the statement
*
* https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-manage-iam-access.html#eventbridge-arn-format
*
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*/
onStopInstance(account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:events:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:target/stop-instance`);
}
/**
* Adds a resource of type terminate-instance to the statement
*
* https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-manage-iam-access.html#eventbridge-arn-format
*
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*/
onTerminateInstance(account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:events:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:target/terminate-instance`);
}
/**
* Filters access by the allowed set of values for each of the tags to event bus and rule actions
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag
*
* Applies to actions:
* - .toCreateEventBus()
* - .toPutRule()
* - .toTagResource()
*
* @param tagKey The tag key to check
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsRequestTag(tagKey, value, operator) {
return this.if(`aws:RequestTag/${tagKey}`, value, operator ?? 'StringLike');
}
/**
* Filters access by tag-value associated with the resource to event bus and rule actions
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag
*
* Applies to resource types:
* - event-bus
* - rule-on-default-event-bus
* - rule-on-custom-event-bus
*
* @param tagKey The tag key to check
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsResourceTag(tagKey, value, operator) {
return this.if(`aws:ResourceTag/${tagKey}`, value, operator ?? 'StringLike');
}
/**
* Filters access by the tags in the request to event bus and rule actions
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys
*
* Applies to actions:
* - .toCreateEventBus()
* - .toPutRule()
* - .toTagResource()
* - .toUntagResource()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsTagKeys(value, operator) {
return this.if(`aws:TagKeys`, value, operator ?? 'StringLike');
}
/**
* Filters access by the ARN of the event buses that can be associated with an endpoint to CreateEndpoint and UpdateEndpoint actions
*
* https://docs.aws.amazon.com/eventbridge/latest/userguide/policy-keys-eventbridge.html#limiting-access-to-event-buses
*
* Applies to actions:
* - .toCreateEndpoint()
* - .toUpdateEndpoint()
*
* @param value The value(s) to check
* @param operator Works with [arn operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_ARN). **Default:** `ArnLike`
*/
ifEventBusArn(value, operator) {
return this.if(`EventBusArn`, value, operator ?? 'ArnLike');
}
/**
* Filters access by AWS services. If a rule is created by an AWS service on your behalf, the value is the principal name of the service that created the rule
*
* https://docs.aws.amazon.com/eventbridge/latest/userguide/policy-keys-eventbridge.html
*
* Applies to actions:
* - .toDeleteRule()
* - .toDisableRule()
* - .toEnableRule()
* - .toPutRule()
* - .toPutTargets()
* - .toRemoveTargets()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifManagedBy(value, operator) {
return this.if(`ManagedBy`, value, operator ?? 'StringLike');
}
/**
* Filters access by the ARN of a target that can be put to a rule to PutTargets actions. TargetARN doesn't include DeadLetterConfigArn
*
* https://docs.aws.amazon.com/eventbridge/latest/userguide/policy-keys-eventbridge.html#limiting-access-to-targets
*
* Applies to actions:
* - .toPutTargets()
*
* @param value The value(s) to check
* @param operator Works with [arn operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_ARN). **Default:** `ArnLike`
*/
ifTargetArn(value, operator) {
return this.if(`TargetArn`, value, operator ?? 'ArnLike');
}
/**
* Filters access by the account the rule was created in to rule actions
*
* https://docs.aws.amazon.com/eventbridge/latest/userguide/policy-keys-eventbridge.html#events-creator-account
*
* Applies to actions:
* - .toDeleteRule()
* - .toDescribeRule()
* - .toDisableRule()
* - .toEnableRule()
* - .toListTagsForResource()
* - .toListTargetsByRule()
* - .toPutRule()
* - .toPutTargets()
* - .toRemoveTargets()
* - .toTagResource()
* - .toUntagResource()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifCreatorAccount(value, operator) {
return this.if(`creatorAccount`, value, operator ?? 'StringLike');
}
/**
* Filters access by the literal string of the detail-type of the event to PutEvents and PutRule actions
*
* https://docs.aws.amazon.com/eventbridge/latest/userguide/policy-keys-eventbridge.html#events-pattern-detail-type
*
* Applies to actions:
* - .toPutEvents()
* - .toPutRule()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifDetailType(value, operator) {
return this.if(`detail-type`, value, operator ?? 'StringLike');
}
/**
* Filters access by the literal string for the detail.eventTypeCode field of the event to PutRule actions
*
* https://docs.aws.amazon.com/eventbridge/latest/userguide/policy-keys-eventbridge.html#limit-rule-by-type-code
*
* Applies to actions:
* - .toPutRule()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifDetailEventTypeCode(value, operator) {
return this.if(`detail.eventTypeCode`, value, operator ?? 'StringLike');
}
/**
* Filters access by the literal string for the detail.service field of the event to PutRule actions
*
* https://docs.aws.amazon.com/eventbridge/latest/userguide/policy-keys-eventbridge.html#limit-rule-by-service
*
* Applies to actions:
* - .toPutRule()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifDetailService(value, operator) {
return this.if(`detail.service`, value, operator ?? 'StringLike');
}
/**
* Filters access by the literal string for the detail.useridentity.principalid field of the event to PutRule actions
*
* https://docs.aws.amazon.com/eventbridge/latest/userguide/policy-keys-eventbridge.html#consume-specific-events
*
* Applies to actions:
* - .toPutRule()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifDetailUserIdentityPrincipalId(value, operator) {
return this.if(`detail.userIdentity.principalId`, value, operator ?? 'StringLike');
}
/**
* Filters access by whether the event was generated via API or cross-account bus invocation to PutEvents actions
*
* https://docs.aws.amazon.com/eventbridge/latest/userguide/policy-keys-eventbridge.html#events-bus-invocation
*
* Applies to actions:
* - .toPutEvents()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifEventBusInvocation(value, operator) {
return this.if(`eventBusInvocation`, value, operator ?? 'StringLike');
}
/**
* Filters access by the AWS service or AWS partner event source that generated the event to PutEvents and PutRule actions. Matches the literal string of the source field of the event
*
* https://docs.aws.amazon.com/eventbridge/latest/userguide/policy-keys-eventbridge.html#events-limit-access-control
*
* Applies to actions:
* - .toPutEvents()
* - .toPutRule()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifSource(value, operator) {
return this.if(`source`, value, operator ?? 'StringLike');
}
}
exports.Events = Events;
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZXZlbnRicmlkZ2UuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJldmVudGJyaWRnZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFDQSx5Q0FBeUQ7QUFFekQ7Ozs7R0FJRztBQUNILE1BQWEsTUFBTyxTQUFRLHdCQUFlO0lBR3pDOzs7O09BSUc7SUFDSCxZQUFZLEdBQVk7UUFDdEIsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDO1FBUk4sa0JBQWEsR0FBRyxRQUFRLENBQUM7UUFxdEJ0QixvQkFBZSxHQUFvQjtZQUMzQyxLQUFLLEVBQUU7Z0JBQ0wscUJBQXFCO2dCQUNyQixjQUFjO2dCQUNkLHNCQUFzQjtnQkFDdEIsZUFBZTtnQkFDZixrQkFBa0I7Z0JBQ2xCLGdCQUFnQjtnQkFDaEIsZ0JBQWdCO2dCQUNoQiwwQkFBMEI7Z0JBQzFCLHVCQUF1QjtnQkFDdkIsdUJBQXVCO2dCQUN2QixzQkFBc0I7Z0JBQ3RCLGVBQWU7Z0JBQ2Ysa0JBQWtCO2dCQUNsQixnQkFBZ0I7Z0JBQ2hCLGdCQUFnQjtnQkFDaEIsMEJBQTBCO2dCQUMxQixZQUFZO2dCQUNaLGFBQWE7Z0JBQ2IsWUFBWTtnQkFDWixzQkFBc0I7Z0JBQ3RCLFdBQVc7Z0JBQ1gsa0JBQWtCO2dCQUNsQixTQUFTO2dCQUNULFlBQVk7Z0JBQ1osZUFBZTtnQkFDZiwrQkFBK0I7Z0JBQy9CLGFBQWE7Z0JBQ2Isc0JBQXNCO2dCQUN0QixlQUFlO2dCQUNmLGtCQUFrQjtnQkFDbEIsZ0JBQWdCO2dCQUNoQixnQkFBZ0I7YUFDakI7WUFDRCxJQUFJLEVBQUU7Z0JBQ0osd0JBQXdCO2dCQUN4QixpQkFBaUI7Z0JBQ2pCLG9CQUFvQjtnQkFDcEIsa0JBQWtCO2dCQUNsQixrQkFBa0I7Z0JBQ2xCLHFCQUFxQjtnQkFDckIsNEJBQTRCO2dCQUM1QixnQkFBZ0I7Z0JBQ2hCLGNBQWM7Z0JBQ2Qsa0JBQWtCO2FBQ25CO1lBQ0QsSUFBSSxFQUFFO2dCQUNKLHFCQUFxQjtnQkFDckIsY0FBYztnQkFDZCxpQkFBaUI7Z0JBQ2pCLGVBQWU7Z0JBQ2YsZ0JBQWdCO2dCQUNoQixrQkFBa0I7Z0JBQ2xCLGdDQUFnQztnQkFDaEMseUJBQXlCO2dCQUN6QixhQUFhO2dCQUNiLHVCQUF1QjtnQkFDdkIsV0FBVztnQkFDWCxxQkFBcUI7Z0JBQ3JCLG1CQUFtQjthQUNwQjtZQUNELHdCQUF3QixFQUFFO2dCQUN4QixlQUFlO2dCQUNmLGtCQUFrQjthQUNuQjtZQUNELE9BQU8sRUFBRTtnQkFDUCxhQUFhO2dCQUNiLGVBQWU7YUFDaEI7U0FDRixDQUFDO0lBbHhCRixDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0kscUJBQXFCO1FBQzFCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxxQkFBcUIsQ0FBQyxDQUFDO0lBQ3hDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxjQUFjO1FBQ25CLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxjQUFjLENBQUMsQ0FBQztJQUNqQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksc0JBQXNCO1FBQzNCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxzQkFBc0IsQ0FBQyxDQUFDO0lBQ3pDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxlQUFlO1FBQ3BCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxlQUFlLENBQUMsQ0FBQztJQUNsQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksa0JBQWtCO1FBQ3ZCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxrQkFBa0IsQ0FBQyxDQUFDO0lBQ3JDLENBQUM7SUFFRDs7Ozs7Ozs7O09BU0c7SUFDSSxnQkFBZ0I7UUFDckIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGdCQUFnQixDQUFDLENBQUM7SUFDbkMsQ0FBQztJQUVEOzs7Ozs7Ozs7O09BVUc7SUFDSSxnQkFBZ0I7UUFDckIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGdCQUFnQixDQUFDLENBQUM7SUFDbkMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLDBCQUEwQjtRQUMvQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsMEJBQTBCLENBQUMsQ0FBQztJQUM3QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksdUJBQXVCO1FBQzVCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyx1QkFBdUIsQ0FBQyxDQUFDO0lBQzFDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSx1QkFBdUI7UUFDNUIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHVCQUF1QixDQUFDLENBQUM7SUFDMUMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLHNCQUFzQjtRQUMzQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsc0JBQXNCLENBQUMsQ0FBQztJQUN6QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksZUFBZTtRQUNwQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsZUFBZSxDQUFDLENBQUM7SUFDbEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGtCQUFrQjtRQUN2QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsa0JBQWtCLENBQUMsQ0FBQztJQUNyQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksZ0JBQWdCO1FBQ3JCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDO0lBQ25DLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxnQkFBZ0I7UUFDckIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGdCQUFnQixDQUFDLENBQUM7SUFDbkMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLDBCQUEwQjtRQUMvQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsMEJBQTBCLENBQUMsQ0FBQztJQUM3QyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7T0FVRztJQUNJLFlBQVk7UUFDakIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLFlBQVksQ0FBQyxDQUFDO0lBQy9CLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSx3QkFBd0I7UUFDN0IsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHdCQUF3QixDQUFDLENBQUM7SUFDM0MsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGlCQUFpQjtRQUN0QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsaUJBQWlCLENBQUMsQ0FBQztJQUNwQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksb0JBQW9CO1FBQ3pCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxvQkFBb0IsQ0FBQyxDQUFDO0lBQ3ZDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxrQkFBa0I7UUFDdkIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGtCQUFrQixDQUFDLENBQUM7SUFDckMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGtCQUFrQjtRQUN2QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsa0JBQWtCLENBQUMsQ0FBQztJQUNyQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0kscUJBQXFCO1FBQzFCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxxQkFBcUIsQ0FBQyxDQUFDO0lBQ3hDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSw0QkFBNEI7UUFDakMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLDRCQUE0QixDQUFDLENBQUM7SUFDL0MsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGdCQUFnQjtRQUNyQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsZ0JBQWdCLENBQUMsQ0FBQztJQUNuQyxDQUFDO0lBRUQ7Ozs7Ozs7OztPQVNHO0lBQ0ksY0FBYztRQUNuQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsY0FBYyxDQUFDLENBQUM7SUFDakMsQ0FBQztJQUVEOzs7Ozs7Ozs7O09BVUc7SUFDSSxhQUFhO1FBQ2xCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxhQUFhLENBQUMsQ0FBQztJQUNoQyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7T0FVRztJQUNJLFlBQVk7UUFDakIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLFlBQVksQ0FBQyxDQUFDO0lBQy9CLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxzQkFBc0I7UUFDM0IsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHNCQUFzQixDQUFDLENBQUM7SUFDekMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLHFCQUFxQjtRQUMxQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMscUJBQXFCLENBQUMsQ0FBQztJQUN4QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksY0FBYztRQUNuQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsY0FBYyxDQUFDLENBQUM7SUFDakMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGlCQUFpQjtRQUN0QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsaUJBQWlCLENBQUMsQ0FBQztJQUNwQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksZUFBZTtRQUNwQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsZUFBZSxDQUFDLENBQUM7SUFDbEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGdCQUFnQjtRQUNyQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsZ0JBQWdCLENBQUMsQ0FBQztJQUNuQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksa0JBQWtCO1FBQ3ZCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxrQkFBa0IsQ0FBQyxDQUFDO0lBQ3JDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxnQ0FBZ0M7UUFDckMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGdDQUFnQyxDQUFDLENBQUM7SUFDbkQsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLHlCQUF5QjtRQUM5QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMseUJBQXlCLENBQUMsQ0FBQztJQUM1QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksYUFBYTtRQUNsQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsYUFBYSxDQUFDLENBQUM7SUFDaEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLHVCQUF1QjtRQUM1QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsdUJBQXVCLENBQUMsQ0FBQztJQUMxQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksV0FBVztRQUNoQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsV0FBVyxDQUFDLENBQUM7SUFDOUIsQ0FBQztJQUVEOzs7Ozs7Ozs7T0FTRztJQUNJLHFCQUFxQjtRQUMxQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMscUJBQXFCLENBQ