iam-floyd
Version:
AWS IAM policy statement generator with fluent interface
1,101 lines • 105 kB
JavaScript
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.Macie2 = void 0;
const shared_1 = require("../../shared");
/**
* Statement provider for service [macie2](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmacie.html).
*
* @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement
*/
class Macie2 extends shared_1.PolicyStatement {
/**
* Statement provider for service [macie2](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmacie.html).
*
* @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement
*/
constructor(sid) {
super(sid);
this.servicePrefix = 'macie2';
this.accessLevelList = {
Write: [
'AcceptInvitation',
'BatchUpdateAutomatedDiscoveryAccounts',
'CreateAllowList',
'CreateClassificationJob',
'CreateCustomDataIdentifier',
'CreateFindingsFilter',
'CreateInvitations',
'CreateMember',
'CreateSampleFindings',
'DeclineInvitations',
'DeleteAllowList',
'DeleteCustomDataIdentifier',
'DeleteFindingsFilter',
'DeleteInvitations',
'DeleteMember',
'DisableMacie',
'DisableOrganizationAdminAccount',
'DisassociateFromAdministratorAccount',
'DisassociateFromMasterAccount',
'DisassociateMember',
'EnableMacie',
'EnableOrganizationAdminAccount',
'PutClassificationExportConfiguration',
'PutFindingsPublicationConfiguration',
'TestCustomDataIdentifier',
'UpdateAllowList',
'UpdateAutomatedDiscoveryConfiguration',
'UpdateClassificationJob',
'UpdateClassificationScope',
'UpdateFindingsFilter',
'UpdateMacieSession',
'UpdateMemberSession',
'UpdateOrganizationConfiguration',
'UpdateResourceProfile',
'UpdateResourceProfileDetections',
'UpdateRevealConfiguration',
'UpdateSensitivityInspectionTemplate'
],
Read: [
'BatchGetCustomDataIdentifiers',
'DescribeBuckets',
'DescribeClassificationJob',
'DescribeOrganizationConfiguration',
'GetAdministratorAccount',
'GetAllowList',
'GetAutomatedDiscoveryConfiguration',
'GetBucketStatistics',
'GetClassificationExportConfiguration',
'GetClassificationScope',
'GetCustomDataIdentifier',
'GetFindingStatistics',
'GetFindings',
'GetFindingsFilter',
'GetFindingsPublicationConfiguration',
'GetInvitationsCount',
'GetMacieSession',
'GetMasterAccount',
'GetMember',
'GetResourceProfile',
'GetRevealConfiguration',
'GetSensitiveDataOccurrences',
'GetSensitiveDataOccurrencesAvailability',
'GetSensitivityInspectionTemplate',
'GetUsageStatistics',
'GetUsageTotals',
'ListTagsForResource',
'SearchResources'
],
List: [
'ListAllowLists',
'ListAutomatedDiscoveryAccounts',
'ListClassificationJobs',
'ListClassificationScopes',
'ListCustomDataIdentifiers',
'ListFindings',
'ListFindingsFilters',
'ListInvitations',
'ListManagedDataIdentifiers',
'ListMembers',
'ListOrganizationAdminAccounts',
'ListResourceProfileArtifacts',
'ListResourceProfileDetections',
'ListSensitivityInspectionTemplates'
],
Tagging: [
'TagResource',
'UntagResource'
]
};
}
/**
* Grants permission to accept an Amazon Macie membership invitation
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/invitations-accept.html
*/
toAcceptInvitation() {
return this.to('AcceptInvitation');
}
/**
* Grants permission to retrieve information about one or more custom data identifiers
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/custom-data-identifiers-get.html
*/
toBatchGetCustomDataIdentifiers() {
return this.to('BatchGetCustomDataIdentifiers');
}
/**
* Grants permission to an Amazon Macie administrator to change the status of automated sensitive data discovery for one or more accounts in their organization
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/automated-discovery-accounts.html
*/
toBatchUpdateAutomatedDiscoveryAccounts() {
return this.to('BatchUpdateAutomatedDiscoveryAccounts');
}
/**
* Grants permission to create and define the settings for an allow list
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/macie/latest/APIReference/allow-lists.html
*/
toCreateAllowList() {
return this.to('CreateAllowList');
}
/**
* Grants permission to create and define the settings for a sensitive data discovery job
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/macie/latest/APIReference/jobs.html
*/
toCreateClassificationJob() {
return this.to('CreateClassificationJob');
}
/**
* Grants permission to create and define the settings for a custom data identifier
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/macie/latest/APIReference/custom-data-identifiers.html
*/
toCreateCustomDataIdentifier() {
return this.to('CreateCustomDataIdentifier');
}
/**
* Grants permission to create and define the settings for a findings filter
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/macie/latest/APIReference/findingsfilters.html
*/
toCreateFindingsFilter() {
return this.to('CreateFindingsFilter');
}
/**
* Grants permission to send an Amazon Macie membership invitation
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/invitations.html
*/
toCreateInvitations() {
return this.to('CreateInvitations');
}
/**
* Grants permission to associate an account with an Amazon Macie administrator account
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/macie/latest/APIReference/members.html
*/
toCreateMember() {
return this.to('CreateMember');
}
/**
* Grants permission to create sample findings
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/findings-sample.html
*/
toCreateSampleFindings() {
return this.to('CreateSampleFindings');
}
/**
* Grants permission to decline Amazon Macie membership invitations
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/invitations-decline.html
*/
toDeclineInvitations() {
return this.to('DeclineInvitations');
}
/**
* Grants permission to delete an allow list
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/allow-lists-id.html
*/
toDeleteAllowList() {
return this.to('DeleteAllowList');
}
/**
* Grants permission to delete a custom data identifier
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/custom-data-identifiers-id.html
*/
toDeleteCustomDataIdentifier() {
return this.to('DeleteCustomDataIdentifier');
}
/**
* Grants permission to delete a findings filter
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/findingsfilters-id.html
*/
toDeleteFindingsFilter() {
return this.to('DeleteFindingsFilter');
}
/**
* Grants permission to delete Amazon Macie membership invitations
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/invitations-delete.html
*/
toDeleteInvitations() {
return this.to('DeleteInvitations');
}
/**
* Grants permission to delete the association between an Amazon Macie administrator account and an account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/members-id.html
*/
toDeleteMember() {
return this.to('DeleteMember');
}
/**
* Grants permission to retrieve statistical data and other information about S3 buckets that Amazon Macie monitors and analyzes
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/datasources-s3.html
*/
toDescribeBuckets() {
return this.to('DescribeBuckets');
}
/**
* Grants permission to retrieve information about the status and settings for a sensitive data discovery job
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/jobs-jobid.html
*/
toDescribeClassificationJob() {
return this.to('DescribeClassificationJob');
}
/**
* Grants permission to retrieve information about the Amazon Macie configuration settings for an AWS organization
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/admin-configuration.html
*/
toDescribeOrganizationConfiguration() {
return this.to('DescribeOrganizationConfiguration');
}
/**
* Grants permission to disable an Amazon Macie account, which also deletes Macie resources for the account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/macie.html
*/
toDisableMacie() {
return this.to('DisableMacie');
}
/**
* Grants permission to disable an account as the delegated Amazon Macie administrator account for an AWS organization
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/admin.html
*/
toDisableOrganizationAdminAccount() {
return this.to('DisableOrganizationAdminAccount');
}
/**
* Grants permission to an Amazon Macie member account to disassociate from its Macie administrator account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/administrator-disassociate.html
*/
toDisassociateFromAdministratorAccount() {
return this.to('DisassociateFromAdministratorAccount');
}
/**
* Grants permission to an Amazon Macie member account to disassociate from its Macie administrator account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/master-disassociate.html
*/
toDisassociateFromMasterAccount() {
return this.to('DisassociateFromMasterAccount');
}
/**
* Grants permission to an Amazon Macie administrator account to disassociate from a Macie member account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/members-disassociate-id.html
*/
toDisassociateMember() {
return this.to('DisassociateMember');
}
/**
* Grants permission to enable and specify the configuration settings for a new Amazon Macie account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/macie.html
*/
toEnableMacie() {
return this.to('EnableMacie');
}
/**
* Grants permission to enable an account as the delegated Amazon Macie administrator account for an AWS organization
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/admin.html
*/
toEnableOrganizationAdminAccount() {
return this.to('EnableOrganizationAdminAccount');
}
/**
* Grants permission to retrieve information about the Amazon Macie administrator account for an account
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/administrator.html
*/
toGetAdministratorAccount() {
return this.to('GetAdministratorAccount');
}
/**
* Grants permission to retrieve the settings and status of an allow list
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/allow-lists-id.html
*/
toGetAllowList() {
return this.to('GetAllowList');
}
/**
* Grants permission to retrieve the configuration settings and status of automated sensitive data discovery for an Amazon Macie administrator account, organization, or standalone account
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/automated-discovery-configuration.html
*/
toGetAutomatedDiscoveryConfiguration() {
return this.to('GetAutomatedDiscoveryConfiguration');
}
/**
* Grants permission to retrieve aggregated statistical data for all the S3 buckets that Amazon Macie monitors and analyzes
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/datasources-s3-statistics.html
*/
toGetBucketStatistics() {
return this.to('GetBucketStatistics');
}
/**
* Grants permission to retrieve the settings for exporting sensitive data discovery results
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/classification-export-configuration.html
*/
toGetClassificationExportConfiguration() {
return this.to('GetClassificationExportConfiguration');
}
/**
* Grants permission to retrieve the classification scope settings for an account
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/classification-scopes-id.html
*/
toGetClassificationScope() {
return this.to('GetClassificationScope');
}
/**
* Grants permission to retrieve information about the settings for a custom data identifier
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/custom-data-identifiers-id.html
*/
toGetCustomDataIdentifier() {
return this.to('GetCustomDataIdentifier');
}
/**
* Grants permission to retrieve aggregated statistical data about findings
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/findings-statistics.html
*/
toGetFindingStatistics() {
return this.to('GetFindingStatistics');
}
/**
* Grants permission to retrieve the details of one or more findings
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/findings-describe.html
*/
toGetFindings() {
return this.to('GetFindings');
}
/**
* Grants permission to retrieve information about the settings for a findings filter
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/findingsfilters-id.html
*/
toGetFindingsFilter() {
return this.to('GetFindingsFilter');
}
/**
* Grants permission to retrieve the configuration settings for publishing findings to AWS Security Hub
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/findings-publication-configuration.html
*/
toGetFindingsPublicationConfiguration() {
return this.to('GetFindingsPublicationConfiguration');
}
/**
* Grants permission to retrieve the count of Amazon Macie membership invitations that were received by an account
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/invitations-count.html
*/
toGetInvitationsCount() {
return this.to('GetInvitationsCount');
}
/**
* Grants permission to retrieve information about the status and configuration settings for an Amazon Macie account
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/macie.html
*/
toGetMacieSession() {
return this.to('GetMacieSession');
}
/**
* Grants permission to retrieve information about the Amazon Macie administrator account for an account
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/master.html
*/
toGetMasterAccount() {
return this.to('GetMasterAccount');
}
/**
* Grants permission to retrieve information about an account that's associated with an Amazon Macie administrator account
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/members-id.html
*/
toGetMember() {
return this.to('GetMember');
}
/**
* Grants permission to retrieve sensitive data discovery statistics and the sensitivity score for an S3 bucket
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/resource-profiles.html
*/
toGetResourceProfile() {
return this.to('GetResourceProfile');
}
/**
* Grants permission to retrieve the status and configuration settings for retrieving occurrences of sensitive data reported by findings
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/reveal-configuration.html
*/
toGetRevealConfiguration() {
return this.to('GetRevealConfiguration');
}
/**
* Grants permission to retrieve occurrences of sensitive data reported by a finding
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/findings-findingid-reveal.html
*/
toGetSensitiveDataOccurrences() {
return this.to('GetSensitiveDataOccurrences');
}
/**
* Grants permission to check whether occurrences of sensitive data can be retrieved for a finding
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/findings-findingid-reveal-availability.html
*/
toGetSensitiveDataOccurrencesAvailability() {
return this.to('GetSensitiveDataOccurrencesAvailability');
}
/**
* Grants permission to retrieve the sensitivity inspection template settings for an account
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/templates-sensitivity-inspections-id.html
*/
toGetSensitivityInspectionTemplate() {
return this.to('GetSensitivityInspectionTemplate');
}
/**
* Grants permission to retrieve quotas and aggregated usage data for one or more accounts
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/usage-statistics.html
*/
toGetUsageStatistics() {
return this.to('GetUsageStatistics');
}
/**
* Grants permission to retrieve aggregated usage data for an account
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/usage.html
*/
toGetUsageTotals() {
return this.to('GetUsageTotals');
}
/**
* Grants permission to retrieve a subset of information about all the allow lists for an account
*
* Access Level: List
*
* https://docs.aws.amazon.com/macie/latest/APIReference/allow-lists.html
*/
toListAllowLists() {
return this.to('ListAllowLists');
}
/**
* Grants permission to retrieve the status of automated sensitive data discovery for an account
*
* Access Level: List
*
* https://docs.aws.amazon.com/macie/latest/APIReference/automated-discovery-accounts.html
*/
toListAutomatedDiscoveryAccounts() {
return this.to('ListAutomatedDiscoveryAccounts');
}
/**
* Grants permission to retrieve a subset of information about the status and settings for one or more sensitive data discovery jobs
*
* Access Level: List
*
* https://docs.aws.amazon.com/macie/latest/APIReference/jobs-list.html
*/
toListClassificationJobs() {
return this.to('ListClassificationJobs');
}
/**
* Grants permission to retrieve a subset of information about the classification scope for an account
*
* Access Level: List
*
* https://docs.aws.amazon.com/macie/latest/APIReference/classification-scopes.html
*/
toListClassificationScopes() {
return this.to('ListClassificationScopes');
}
/**
* Grants permission to retrieve information about all custom data identifiers
*
* Access Level: List
*
* https://docs.aws.amazon.com/macie/latest/APIReference/custom-data-identifiers-list.html
*/
toListCustomDataIdentifiers() {
return this.to('ListCustomDataIdentifiers');
}
/**
* Grants permission to retrieve a subset of information about one or more findings
*
* Access Level: List
*
* https://docs.aws.amazon.com/macie/latest/APIReference/findings.html
*/
toListFindings() {
return this.to('ListFindings');
}
/**
* Grants permission to retrieve information about all findings filters
*
* Access Level: List
*
* https://docs.aws.amazon.com/macie/latest/APIReference/findingsfilters.html
*/
toListFindingsFilters() {
return this.to('ListFindingsFilters');
}
/**
* Grants permission to retrieve information about all the Amazon Macie membership invitations that were received by an account
*
* Access Level: List
*
* https://docs.aws.amazon.com/macie/latest/APIReference/invitations.html
*/
toListInvitations() {
return this.to('ListInvitations');
}
/**
* Grants permission to retrieve information about managed data identifiers
*
* Access Level: List
*
* https://docs.aws.amazon.com/macie/latest/APIReference/managed-data-identifiers-list.html
*/
toListManagedDataIdentifiers() {
return this.to('ListManagedDataIdentifiers');
}
/**
* Grants permission to retrieve information about the Amazon Macie member accounts that are associated with a Macie administrator account
*
* Access Level: List
*
* https://docs.aws.amazon.com/macie/latest/APIReference/members.html
*/
toListMembers() {
return this.to('ListMembers');
}
/**
* Grants permission to retrieve information about the delegated Amazon Macie administrator account for an AWS organization
*
* Access Level: List
*
* https://docs.aws.amazon.com/macie/latest/APIReference/admin.html
*/
toListOrganizationAdminAccounts() {
return this.to('ListOrganizationAdminAccounts');
}
/**
* Grants permission to retrieve information about objects that Amazon Macie selected from an S3 bucket for automated sensitive data discovery
*
* Access Level: List
*
* https://docs.aws.amazon.com/macie/latest/APIReference/resource-profiles-artifacts.html
*/
toListResourceProfileArtifacts() {
return this.to('ListResourceProfileArtifacts');
}
/**
* Grants permission to retrieve information about the types and amount of sensitive data that Amazon Macie found in an S3 bucket
*
* Access Level: List
*
* https://docs.aws.amazon.com/macie/latest/APIReference/resource-profiles-detections.html
*/
toListResourceProfileDetections() {
return this.to('ListResourceProfileDetections');
}
/**
* Grants permission to retrieve a subset of information about the sensitivity inspection template for an account
*
* Access Level: List
*
* https://docs.aws.amazon.com/macie/latest/APIReference/templates-sensitivity-inspections.html
*/
toListSensitivityInspectionTemplates() {
return this.to('ListSensitivityInspectionTemplates');
}
/**
* Grants permission to retrieve the tags for an Amazon Macie resource
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/tags-resourcearn.html
*/
toListTagsForResource() {
return this.to('ListTagsForResource');
}
/**
* Grants permission to create or update the settings for storing sensitive data discovery results
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/classification-export-configuration.html
*/
toPutClassificationExportConfiguration() {
return this.to('PutClassificationExportConfiguration');
}
/**
* Grants permission to update the configuration settings for publishing findings to AWS Security Hub
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/findings-publication-configuration.html
*/
toPutFindingsPublicationConfiguration() {
return this.to('PutFindingsPublicationConfiguration');
}
/**
* Grants permission to retrieve statistical data and other information about AWS resources that Amazon Macie monitors and analyzes
*
* Access Level: Read
*
* https://docs.aws.amazon.com/macie/latest/APIReference/datasources-search-resources.html
*/
toSearchResources() {
return this.to('SearchResources');
}
/**
* Grants permission to add or update the tags for an Amazon Macie resource
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/macie/latest/APIReference/tags-resourcearn.html
*/
toTagResource() {
return this.to('TagResource');
}
/**
* Grants permission to test a custom data identifier
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/custom-data-identifiers-test.html
*/
toTestCustomDataIdentifier() {
return this.to('TestCustomDataIdentifier');
}
/**
* Grants permission to remove tags from an Amazon Macie resource
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/macie/latest/APIReference/tags-resourcearn.html
*/
toUntagResource() {
return this.to('UntagResource');
}
/**
* Grants permission to update the settings for an allow list
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/allow-lists-id.html
*/
toUpdateAllowList() {
return this.to('UpdateAllowList');
}
/**
* Grants permission to change the status of automated sensitive data discovery for an Amazon Macie administrator account, organization, or standalone account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/automated-discovery-configuration.html
*/
toUpdateAutomatedDiscoveryConfiguration() {
return this.to('UpdateAutomatedDiscoveryConfiguration');
}
/**
* Grants permission to change the status of a sensitive data discovery job
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/macie/latest/APIReference/jobs-jobid.html
*/
toUpdateClassificationJob() {
return this.to('UpdateClassificationJob');
}
/**
* Grants permission to update the classification scope settings for an account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/classification-scopes-id.html
*/
toUpdateClassificationScope() {
return this.to('UpdateClassificationScope');
}
/**
* Grants permission to update the settings for a findings filter
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/macie/latest/APIReference/findingsfilters-id.html
*/
toUpdateFindingsFilter() {
return this.to('UpdateFindingsFilter');
}
/**
* Grants permission to an Amazon Macie administrator account to suspend or re-enable Macie for a member account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/macie.html
*/
toUpdateMacieSession() {
return this.to('UpdateMacieSession');
}
/**
* Grants permission to an Amazon Macie administrator account to suspend or re-enable a Macie member account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/macie-members-id.html
*/
toUpdateMemberSession() {
return this.to('UpdateMemberSession');
}
/**
* Grants permission to update Amazon Macie configuration settings for an AWS organization
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/admin-configuration.html
*/
toUpdateOrganizationConfiguration() {
return this.to('UpdateOrganizationConfiguration');
}
/**
* Grants permission to update the sensitivity score for an S3 bucket
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/resource-profiles.html
*/
toUpdateResourceProfile() {
return this.to('UpdateResourceProfile');
}
/**
* Grants permission to update the sensitivity scoring settings for an S3 bucket
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/resource-profiles-detections.html
*/
toUpdateResourceProfileDetections() {
return this.to('UpdateResourceProfileDetections');
}
/**
* Grants permission to update the status and configuration settings for retrieving occurrences of sensitive data reported by findings
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/reveal-configuration.html
*/
toUpdateRevealConfiguration() {
return this.to('UpdateRevealConfiguration');
}
/**
* Grants permission to update the sensitivity inspection template settings for an account
*
* Access Level: Write
*
* https://docs.aws.amazon.com/macie/latest/APIReference/templates-sensitivity-inspections-id.html
*/
toUpdateSensitivityInspectionTemplate() {
return this.to('UpdateSensitivityInspectionTemplate');
}
/**
* Adds a resource of type AllowList to the statement
*
* https://docs.aws.amazon.com/macie/latest/user/what-is-macie.html
*
* @param resourceId - Identifier for the resourceId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onAllowList(resourceId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:macie2:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:allow-list/${resourceId}`);
}
/**
* Adds a resource of type ClassificationJob to the statement
*
* https://docs.aws.amazon.com/macie/latest/user/what-is-macie.html
*
* @param resourceId - Identifier for the resourceId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onClassificationJob(resourceId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:macie2:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:classification-job/${resourceId}`);
}
/**
* Adds a resource of type CustomDataIdentifier to the statement
*
* https://docs.aws.amazon.com/macie/latest/user/what-is-macie.html.html
*
* @param resourceId - Identifier for the resourceId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onCustomDataIdentifier(resourceId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:macie2:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:custom-data-identifier/${resourceId}`);
}
/**
* Adds a resource of type FindingsFilter to the statement
*
* https://docs.aws.amazon.com/macie/latest/user/what-is-macie.html
*
* @param resourceId - Identifier for the resourceId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onFindingsFilter(resourceId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:macie2:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:findings-filter/${resourceId}`);
}
/**
* Adds a resource of type Member to the statement
*
* https://docs.aws.amazon.com/macie/latest/user/what-is-macie.html
*
* @param resourceId - Identifier for the resourceId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onMember(resourceId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:macie2:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:member/${resourceId}`);
}
/**
* Filters access by a tag key and value pair that is allowed in the request
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag
*
* Applies to actions:
* - .toCreateAllowList()
* - .toCreateClassificationJob()
* - .toCreateCustomDataIdentifier()
* - .toCreateFindingsFilter()
* - .toCreateMember()
* - .toTagResource()
* - .toUpdateClassificationJob()
* - .toUpdateFindingsFilter()
*
* @param tagKey The tag key to check
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsRequestTag(tagKey, value, operator) {
return this.if(`aws:RequestTag/${tagKey}`, value, operator ?? 'StringLike');
}
/**
* Filters access by a tag key and value pair of a resource
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag
*
* Applies to resource types:
* - AllowList
* - ClassificationJob
* - CustomDataIdentifier
* - FindingsFilter
* - Member
*
* @param tagKey The tag key to check
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsResourceTag(tagKey, value, operator) {
return this.if(`aws:ResourceTag/${tagKey}`, value, operator ?? 'StringLike');
}
/**
* Filters access by the presence of tag keys in the request
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys
*
* Applies to actions:
* - .toCreateAllowList()
* - .toCreateClassificationJob()
* - .toCreateCustomDataIdentifier()
* - .toCreateFindingsFilter()
* - .toCreateMember()
* - .toTagResource()
* - .toUntagResource()
* - .toUpdateClassificationJob()
* - .toUpdateFindingsFilter()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsTagKeys(value, operator) {
return this.if(`aws:TagKeys`, value, operator ?? 'StringLike');
}
}
exports.Macie2 = Macie2;
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibWFjaWUuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJtYWNpZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFDQSx5Q0FBeUQ7QUFFekQ7Ozs7R0FJRztBQUNILE1BQWEsTUFBTyxTQUFRLHdCQUFlO0lBR3pDOzs7O09BSUc7SUFDSCxZQUFZLEdBQVk7UUFDdEIsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDO1FBUk4sa0JBQWEsR0FBRyxRQUFRLENBQUM7UUF5NkJ0QixvQkFBZSxHQUFvQjtZQUMzQyxLQUFLLEVBQUU7Z0JBQ0wsa0JBQWtCO2dCQUNsQix1Q0FBdUM7Z0JBQ3ZDLGlCQUFpQjtnQkFDakIseUJBQXlCO2dCQUN6Qiw0QkFBNEI7Z0JBQzVCLHNCQUFzQjtnQkFDdEIsbUJBQW1CO2dCQUNuQixjQUFjO2dCQUNkLHNCQUFzQjtnQkFDdEIsb0JBQW9CO2dCQUNwQixpQkFBaUI7Z0JBQ2pCLDRCQUE0QjtnQkFDNUIsc0JBQXNCO2dCQUN0QixtQkFBbUI7Z0JBQ25CLGNBQWM7Z0JBQ2QsY0FBYztnQkFDZCxpQ0FBaUM7Z0JBQ2pDLHNDQUFzQztnQkFDdEMsK0JBQStCO2dCQUMvQixvQkFBb0I7Z0JBQ3BCLGFBQWE7Z0JBQ2IsZ0NBQWdDO2dCQUNoQyxzQ0FBc0M7Z0JBQ3RDLHFDQUFxQztnQkFDckMsMEJBQTBCO2dCQUMxQixpQkFBaUI7Z0JBQ2pCLHVDQUF1QztnQkFDdkMseUJBQXlCO2dCQUN6QiwyQkFBMkI7Z0JBQzNCLHNCQUFzQjtnQkFDdEIsb0JBQW9CO2dCQUNwQixxQkFBcUI7Z0JBQ3JCLGlDQUFpQztnQkFDakMsdUJBQXVCO2dCQUN2QixpQ0FBaUM7Z0JBQ2pDLDJCQUEyQjtnQkFDM0IscUNBQXFDO2FBQ3RDO1lBQ0QsSUFBSSxFQUFFO2dCQUNKLCtCQUErQjtnQkFDL0IsaUJBQWlCO2dCQUNqQiwyQkFBMkI7Z0JBQzNCLG1DQUFtQztnQkFDbkMseUJBQXlCO2dCQUN6QixjQUFjO2dCQUNkLG9DQUFvQztnQkFDcEMscUJBQXFCO2dCQUNyQixzQ0FBc0M7Z0JBQ3RDLHdCQUF3QjtnQkFDeEIseUJBQXlCO2dCQUN6QixzQkFBc0I7Z0JBQ3RCLGFBQWE7Z0JBQ2IsbUJBQW1CO2dCQUNuQixxQ0FBcUM7Z0JBQ3JDLHFCQUFxQjtnQkFDckIsaUJBQWlCO2dCQUNqQixrQkFBa0I7Z0JBQ2xCLFdBQVc7Z0JBQ1gsb0JBQW9CO2dCQUNwQix3QkFBd0I7Z0JBQ3hCLDZCQUE2QjtnQkFDN0IseUNBQXlDO2dCQUN6QyxrQ0FBa0M7Z0JBQ2xDLG9CQUFvQjtnQkFDcEIsZ0JBQWdCO2dCQUNoQixxQkFBcUI7Z0JBQ3JCLGlCQUFpQjthQUNsQjtZQUNELElBQUksRUFBRTtnQkFDSixnQkFBZ0I7Z0JBQ2hCLGdDQUFnQztnQkFDaEMsd0JBQXdCO2dCQUN4QiwwQkFBMEI7Z0JBQzFCLDJCQUEyQjtnQkFDM0IsY0FBYztnQkFDZCxxQkFBcUI7Z0JBQ3JCLGlCQUFpQjtnQkFDakIsNEJBQTRCO2dCQUM1QixhQUFhO2dCQUNiLCtCQUErQjtnQkFDL0IsOEJBQThCO2dCQUM5QiwrQkFBK0I7Z0JBQy9CLG9DQUFvQzthQUNyQztZQUNELE9BQU8sRUFBRTtnQkFDUCxhQUFhO2dCQUNiLGVBQWU7YUFDaEI7U0FDRixDQUFDO0lBMS9CRixDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksa0JBQWtCO1FBQ3ZCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxrQkFBa0IsQ0FBQyxDQUFDO0lBQ3JDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSwrQkFBK0I7UUFDcEMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLCtCQUErQixDQUFDLENBQUM7SUFDbEQsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLHVDQUF1QztRQUM1QyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsdUNBQXVDLENBQUMsQ0FBQztJQUMxRCxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7T0FVRztJQUNJLGlCQUFpQjtRQUN0QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsaUJBQWlCLENBQUMsQ0FBQztJQUNwQyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7T0FVRztJQUNJLHlCQUF5QjtRQUM5QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMseUJBQXlCLENBQUMsQ0FBQztJQUM1QyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7T0FVRztJQUNJLDRCQUE0QjtRQUNqQyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsNEJBQTRCLENBQUMsQ0FBQztJQUMvQyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7T0FVRztJQUNJLHNCQUFzQjtRQUMzQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsc0JBQXNCLENBQUMsQ0FBQztJQUN6QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksbUJBQW1CO1FBQ3hCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxtQkFBbUIsQ0FBQyxDQUFDO0lBQ3RDLENBQUM7SUFFRDs7Ozs7Ozs7OztPQVVHO0lBQ0ksY0FBYztRQUNuQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsY0FBYyxDQUFDLENBQUM7SUFDakMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLHNCQUFzQjtRQUMzQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsc0JBQXNCLENBQUMsQ0FBQztJQUN6QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksb0JBQW9CO1FBQ3pCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxvQkFBb0IsQ0FBQyxDQUFDO0lBQ3ZDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxpQkFBaUI7UUFDdEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGlCQUFpQixDQUFDLENBQUM7SUFDcEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLDRCQUE0QjtRQUNqQyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsNEJBQTRCLENBQUMsQ0FBQztJQUMvQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksc0JBQXNCO1FBQzNCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxzQkFBc0IsQ0FBQyxDQUFDO0lBQ3pDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxtQkFBbUI7UUFDeEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLG1CQUFtQixDQUFDLENBQUM7SUFDdEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGNBQWM7UUFDbkIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGNBQWMsQ0FBQyxDQUFDO0lBQ2pDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxpQkFBaUI7UUFDdEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGlCQUFpQixDQUFDLENBQUM7SUFDcEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLDJCQUEyQjtRQUNoQyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsMkJBQTJCLENBQUMsQ0FBQztJQUM5QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksbUNBQW1DO1FBQ3hDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxtQ0FBbUMsQ0FBQyxDQUFDO0lBQ3RELENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxjQUFjO1FBQ25CLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxjQUFjLENBQUMsQ0FBQztJQUNqQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksaUNBQWlDO1FBQ3RDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxpQ0FBaUMsQ0FBQyxDQUFDO0lBQ3BELENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxzQ0FBc0M7UUFDM0MsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHNDQUFzQyxDQUFDLENBQUM7SUFDekQsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLCtCQUErQjtRQUNwQyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsK0JBQStCLENBQUMsQ0FBQztJQUNsRCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksb0JBQW9CO1FBQ3pCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxvQkFBb0IsQ0FBQyxDQUFDO0lBQ3ZDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxhQUFhO1FBQ2xCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxhQUFhLENBQUMsQ0FBQztJQUNoQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksZ0NBQWdDO1FBQ3JDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxnQ0FBZ0MsQ0FBQyxDQUFDO0lBQ25ELENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSx5QkFBeUI7UUFDOUIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHlCQUF5QixDQUFDLENBQUM7SUFDNUMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGNBQWM7UUFDbkIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGNBQWMsQ0FBQyxDQUFDO0lBQ2pDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxvQ0FBb0M7UUFDekMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLG9DQUFvQyxDQUFDLENBQUM7SUFDdkQsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLHFCQUFxQjtRQUMxQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMscUJBQXFCLENBQUMsQ0FBQztJQUN4QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksc0NBQXNDO1FBQzNDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxzQ0FBc0MsQ0FBQyxDQUFDO0lBQ3pELENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSx3QkFBd0I7UUFDN0IsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHdCQUF3QixDQUFDLENBQUM7SUFDM0MsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLHlCQUF5QjtRQUM5QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMseUJBQXlCLENBQUMsQ0FBQztJQUM1QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksc0JBQXNCO1FBQzNCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxzQkFBc0IsQ0FBQyxDQUFDO0lBQ3pDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxhQUFhO1FBQ2xCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxhQUFhLENBQUMsQ0FBQztJQUNoQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksbUJBQW1CO1FBQ3hCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxtQkFBbUIsQ0FBQyxDQUFDO0lBQ3RDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxxQ0FBcUM7UUFDMUMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHFDQUFxQyxDQUFDLENBQUM7SUFDeEQsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLHFCQUFxQjtRQUMxQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMscUJBQXFCLENBQUMsQ0FBQztJQUN4QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksaUJBQWlCO1FBQ3RCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxpQkFBaUIsQ0FBQyxDQUFDO0lBQ3BDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxrQkFBa0I7UUFDdkIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGtCQUFrQixDQUFDLENBQUM7SUFDckMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLFdBQVc7UUFDaEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLFdBQVcsQ0FBQyxDQUFDO0lBQzlCLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxvQkFBb0I7UUFDekIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLG9CQUFvQixDQUFDLENBQUM7SUFDdkMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLHdCQUF3QjtRQUM3QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsd0JBQXdCLENBQUMsQ0FBQztJQUMzQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksNkJBQTZCO1FBQ2xDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyw2QkFBNkIsQ0FBQyxDQUFDO0lBQ2hELENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSx5Q0FBeUM7UUFDOUMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHlDQUF5QyxDQUFDLENBQUM7SUFDNUQsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGtDQUFrQztRQUN2QyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsa0NBQWtDLENBQUMsQ0FBQztJQUNyRCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksb0JBQW9CO1FBQ3pCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxvQkFBb0IsQ0FBQyxDQUFDO0lBQ3ZDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxnQkFBZ0I7UUFDckIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGdCQUFnQixDQUFDLENBQUM7SUFDbkMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGdCQUFnQjtRQUNyQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsZ0JBQWdCLENBQUMsQ0FBQztJQUNuQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksZ0NBQWdDO1FBQ3JDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxnQ0FBZ0MsQ0FBQyxDQUFDO0lBQ25ELENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSx3QkFBd0I7UUFDN0IsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHdCQUF3QixDQUFDLENBQUM7SUFDM0MsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLDBCQUEwQjtRQUMvQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsMEJBQTBCLENBQUMsQ0FBQztJQUM3QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksMkJBQTJCO1FBQ2hDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQywyQkFBMkIsQ0FBQyxDQUFDO0lBQzlDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxjQUFjO1FBQ25CLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxjQUFjLENBQUMsQ0FBQztJQUNqQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0kscUJBQXFCO1FBQzFCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxxQkFBcUIsQ0FBQyxDQUFDO0lBQ3hDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxpQkFBaUI7UUFDdEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGlCQUFpQixDQUFDLENBQUM7SUFDcEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLDRCQUE0QjtRQUNqQyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsNEJBQTRCLENBQUMsQ0FBQztJQUMvQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksYUFBYTtRQUNsQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsYUFBYSxDQUFDLENBQUM7SUFDaEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLCtCQUErQjtRQUNwQyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsK0JBQStCLENBQUMsQ0FBQztJQUNsRCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksOEJBQThCO1FBQ25DLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyw4QkFBOEIsQ0FBQyxDQUFDO0lBQ2pELENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSwrQkFBK0I7UUFDcEMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLCtCQUErQixDQUFDLENBQUM7SUFDbEQsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLG9DQUFvQztRQUN6QyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsb0NBQW9DLENBQUMsQ0FBQztJQUN2RCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0kscUJBQXFCO1FBQzFCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxxQkFBcUIsQ0FBQyxDQUFDO0lBQ3hDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxzQ0FBc0M7UUFDM0MsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHNDQUFzQyxDQUFDLENBQUM7SUFDekQsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLHFDQUFxQztRQUMxQyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMscUNBQXFDLENBQUMsQ0FBQztJQUN4RCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksaUJBQWlCO1FBQ3RCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxpQkFBaUIsQ0FBQyxDQUFDO0lBQ3BDLENBQUM7SUFFRDs7Ozs7Ozs7OztPQVVHO0lBQ0ksYUFBYTtRQUNsQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsYUFBYSxDQUFDLENBQUM7SUFDaEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLDBCQUEwQjtRQUMvQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsMEJBQTBCLENBQUMsQ0FBQztJQUM3QyxDQUFDO0lBRUQ7Ozs7Ozs7OztPQVNHO0lBQ0ksZUFBZTtRQUNwQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsZUFBZSxDQUFDLENBQUM7SUFDbEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLGlCQUFpQjtRQUN0QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsaUJBQWlCLENBQUMsQ0FBQztJQUNwQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksdUNBQXVDO1FBQzVDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyx1Q0FBdUMsQ0FBQyxDQUFDO0lBQzFELENBQUM7SUFFRDs7Ozs7Ozs7OztPQVVHO0lBQ0kseUJBQXlCO1FBQzlCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyx5QkFBeUIsQ0FBQyxDQUFDO0lBQzVDLENBQUM7SUFFRDs7Oz