iam-floyd
Version:
AWS IAM policy statement generator with fluent interface
1,127 lines • 122 kB
JavaScript
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.Route53resolver = void 0;
const shared_1 = require("../../shared");
/**
* Statement provider for service [route53resolver](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonroute53resolver.html).
*
* @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement
*/
class Route53resolver extends shared_1.PolicyStatement {
/**
* Statement provider for service [route53resolver](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonroute53resolver.html).
*
* @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement
*/
constructor(sid) {
super(sid);
this.servicePrefix = 'route53resolver';
this.accessLevelList = {
Write: [
'AssociateFirewallRuleGroup',
'AssociateResolverEndpointIpAddress',
'AssociateResolverQueryLogConfig',
'AssociateResolverRule',
'CreateFirewallDomainList',
'CreateFirewallRule',
'CreateFirewallRuleGroup',
'CreateOutpostResolver',
'CreateResolverEndpoint',
'CreateResolverQueryLogConfig',
'CreateResolverRule',
'DeleteFirewallDomainList',
'DeleteFirewallRule',
'DeleteFirewallRuleGroup',
'DeleteOutpostResolver',
'DeleteResolverEndpoint',
'DeleteResolverQueryLogConfig',
'DeleteResolverRule',
'DisassociateFirewallRuleGroup',
'DisassociateResolverEndpointIpAddress',
'DisassociateResolverQueryLogConfig',
'DisassociateResolverRule',
'ImportFirewallDomains',
'UpdateFirewallConfig',
'UpdateFirewallDomains',
'UpdateFirewallRule',
'UpdateFirewallRuleGroupAssociation',
'UpdateOutpostResolver',
'UpdateResolverConfig',
'UpdateResolverDnssecConfig',
'UpdateResolverEndpoint',
'UpdateResolverRule'
],
Read: [
'GetFirewallConfig',
'GetFirewallDomainList',
'GetFirewallRuleGroup',
'GetFirewallRuleGroupAssociation',
'GetFirewallRuleGroupPolicy',
'GetOutpostResolver',
'GetResolverConfig',
'GetResolverDnssecConfig',
'GetResolverEndpoint',
'GetResolverQueryLogConfig',
'GetResolverQueryLogConfigAssociation',
'GetResolverQueryLogConfigPolicy',
'GetResolverRule',
'GetResolverRuleAssociation',
'GetResolverRulePolicy',
'ListTagsForResource'
],
List: [
'ListFirewallConfigs',
'ListFirewallDomainLists',
'ListFirewallDomains',
'ListFirewallRuleGroupAssociations',
'ListFirewallRuleGroups',
'ListFirewallRules',
'ListOutpostResolvers',
'ListResolverConfigs',
'ListResolverDnssecConfigs',
'ListResolverEndpointIpAddresses',
'ListResolverEndpoints',
'ListResolverQueryLogConfigAssociations',
'ListResolverQueryLogConfigs',
'ListResolverRuleAssociations',
'ListResolverRules'
],
'Permissions management': [
'PutFirewallRuleGroupPolicy',
'PutResolverQueryLogConfigPolicy',
'PutResolverRulePolicy'
],
Tagging: [
'TagResource',
'UntagResource'
]
};
}
/**
* Grants permission to associate an Amazon VPC with a specified firewall rule group
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* Dependent actions:
* - ec2:DescribeVpcs
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_AssociateFirewallRuleGroup.html
*/
toAssociateFirewallRuleGroup() {
return this.to('AssociateFirewallRuleGroup');
}
/**
* Grants permission to associate a specified IP address with a Resolver endpoint. This is an IP address that DNS queries pass through on the way to your network (outbound) or your VPCs (inbound)
*
* Access Level: Write
*
* Dependent actions:
* - ec2:CreateNetworkInterface
* - ec2:DescribeNetworkInterfaces
* - ec2:DescribeSubnets
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_AssociateResolverEndpointIpAddress.html
*/
toAssociateResolverEndpointIpAddress() {
return this.to('AssociateResolverEndpointIpAddress');
}
/**
* Grants permission to associate an Amazon VPC with a specified query logging configuration
*
* Access Level: Write
*
* Dependent actions:
* - ec2:DescribeVpcs
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_AssociateResolverQueryLogConfig.html
*/
toAssociateResolverQueryLogConfig() {
return this.to('AssociateResolverQueryLogConfig');
}
/**
* Grants permission to associate a specified Resolver rule with a specified VPC
*
* Access Level: Write
*
* Dependent actions:
* - ec2:DescribeVpcs
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_AssociateResolverRule.html
*/
toAssociateResolverRule() {
return this.to('AssociateResolverRule');
}
/**
* Grants permission to create a Firewall domain list
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateFirewallDomainList.html
*/
toCreateFirewallDomainList() {
return this.to('CreateFirewallDomainList');
}
/**
* Grants permission to create a Firewall rule within a Firewall rule group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateFirewallRule.html
*/
toCreateFirewallRule() {
return this.to('CreateFirewallRule');
}
/**
* Grants permission to create a Firewall rule group
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateFirewallRuleGroup.html
*/
toCreateFirewallRuleGroup() {
return this.to('CreateFirewallRuleGroup');
}
/**
* Grants permission to create a Route 53 Resolver on Outposts
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* Dependent actions:
* - outposts:GetOutpost
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateOutpostResolver.html
*/
toCreateOutpostResolver() {
return this.to('CreateOutpostResolver');
}
/**
* Grants permission to create a Resolver endpoint. There are two types of Resolver endpoints, inbound and outbound
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* Dependent actions:
* - ec2:CreateNetworkInterface
* - ec2:DescribeNetworkInterfaces
* - ec2:DescribeSecurityGroups
* - ec2:DescribeSubnets
* - ec2:DescribeVpcs
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateResolverEndpoint.html
*/
toCreateResolverEndpoint() {
return this.to('CreateResolverEndpoint');
}
/**
* Grants permission to create a Resolver query logging configuration, which defines where you want Resolver to save DNS query logs that originate in your VPCs
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateResolverQueryLogConfig.html
*/
toCreateResolverQueryLogConfig() {
return this.to('CreateResolverQueryLogConfig');
}
/**
* Grants permission to define how to route queries originating from your VPC out of the VPC
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateResolverRule.html
*/
toCreateResolverRule() {
return this.to('CreateResolverRule');
}
/**
* Grants permission to delete a Firewall domain list
*
* Access Level: Write
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DeleteFirewallDomainList.html
*/
toDeleteFirewallDomainList() {
return this.to('DeleteFirewallDomainList');
}
/**
* Grants permission to delete a Firewall rule within a Firewall rule group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DeleteFirewallRule.html
*/
toDeleteFirewallRule() {
return this.to('DeleteFirewallRule');
}
/**
* Grants permission to delete a Firewall rule group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DeleteFirewallRuleGroup.html
*/
toDeleteFirewallRuleGroup() {
return this.to('DeleteFirewallRuleGroup');
}
/**
* Grants permission to delete a Route 53 Resolver on Outposts
*
* Access Level: Write
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DeleteOutpostResolver.html
*/
toDeleteOutpostResolver() {
return this.to('DeleteOutpostResolver');
}
/**
* Grants permission to delete a Resolver endpoint. The effect of deleting a Resolver endpoint depends on whether it's an inbound or an outbound endpoint
*
* Access Level: Write
*
* Dependent actions:
* - ec2:DeleteNetworkInterface
* - ec2:DescribeNetworkInterfaces
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DeleteResolverEndpoint.html
*/
toDeleteResolverEndpoint() {
return this.to('DeleteResolverEndpoint');
}
/**
* Grants permission to delete a Resolver query logging configuration
*
* Access Level: Write
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DeleteResolverQueryLogConfig.html
*/
toDeleteResolverQueryLogConfig() {
return this.to('DeleteResolverQueryLogConfig');
}
/**
* Grants permission to delete a Resolver rule
*
* Access Level: Write
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DeleteResolverRule.html
*/
toDeleteResolverRule() {
return this.to('DeleteResolverRule');
}
/**
* Grants permission to remove the association between a specified Firewall rule group and a specified VPC
*
* Access Level: Write
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DisassociateFirewallRuleGroup.html
*/
toDisassociateFirewallRuleGroup() {
return this.to('DisassociateFirewallRuleGroup');
}
/**
* Grants permission to remove a specified IP address from a Resolver endpoint. This is an IP address that DNS queries pass through on the way to your network (outbound) or your VPCs (inbound)
*
* Access Level: Write
*
* Dependent actions:
* - ec2:DeleteNetworkInterface
* - ec2:DescribeNetworkInterfaces
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DisassociateResolverEndpointIpAddress.html
*/
toDisassociateResolverEndpointIpAddress() {
return this.to('DisassociateResolverEndpointIpAddress');
}
/**
* Grants permission to remove the association between a specified Resolver query logging configuration and a specified VPC
*
* Access Level: Write
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DisassociateResolverQueryLogConfig.html
*/
toDisassociateResolverQueryLogConfig() {
return this.to('DisassociateResolverQueryLogConfig');
}
/**
* Grants permission to remove the association between a specified Resolver rule and a specified VPC
*
* Access Level: Write
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DisassociateResolverRule.html
*/
toDisassociateResolverRule() {
return this.to('DisassociateResolverRule');
}
/**
* Grants permission to get information about a specified Firewall config
*
* Access Level: Read
*
* Dependent actions:
* - ec2:DescribeVpcs
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetFirewallConfig.html
*/
toGetFirewallConfig() {
return this.to('GetFirewallConfig');
}
/**
* Grants permission to get information about a specified Firewall domain list
*
* Access Level: Read
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetFirewallDomainList.html
*/
toGetFirewallDomainList() {
return this.to('GetFirewallDomainList');
}
/**
* Grants permission to get information about a specified Firewall rule group
*
* Access Level: Read
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetFirewallRuleGroup.html
*/
toGetFirewallRuleGroup() {
return this.to('GetFirewallRuleGroup');
}
/**
* Grants permission to get information about an association between a specified Firewall rule group and a VPC
*
* Access Level: Read
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetFirewallRuleGroupAssociation.html
*/
toGetFirewallRuleGroupAssociation() {
return this.to('GetFirewallRuleGroupAssociation');
}
/**
* Grants permission to get information about a specified Firewall rule group policy, which specifies the Firewall rule group operations and resources that you want to allow another AWS account to use
*
* Access Level: Read
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetFirewallRuleGroupPolicy.html
*/
toGetFirewallRuleGroupPolicy() {
return this.to('GetFirewallRuleGroupPolicy');
}
/**
* Grants permission to get information about a specified Route 53 Resolver on Outposts
*
* Access Level: Read
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetOutpostResolver.html
*/
toGetOutpostResolver() {
return this.to('GetOutpostResolver');
}
/**
* Grants permission to get the Resolver Config status within the specified resource
*
* Access Level: Read
*
* Dependent actions:
* - ec2:DescribeVpcs
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverConfig.html
*/
toGetResolverConfig() {
return this.to('GetResolverConfig');
}
/**
* Grants permission to get the DNSSEC validation support status for DNS queries within the specified resource
*
* Access Level: Read
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverDnssecConfig.html
*/
toGetResolverDnssecConfig() {
return this.to('GetResolverDnssecConfig');
}
/**
* Grants permission to get information about a specified Resolver endpoint, such as whether it's an inbound or an outbound endpoint, and the IP addresses in your VPC that DNS queries are forwarded to on the way into or out of your VPC
*
* Access Level: Read
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverEndpoint.html
*/
toGetResolverEndpoint() {
return this.to('GetResolverEndpoint');
}
/**
* Grants permission to get information about a specified Resolver query logging configuration, such as the number of VPCs that the configuration is logging queries for and the location that logs are sent to
*
* Access Level: Read
*
* Dependent actions:
* - ec2:DescribeVpcs
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverQueryLogConfig.html
*/
toGetResolverQueryLogConfig() {
return this.to('GetResolverQueryLogConfig');
}
/**
* Grants permission to get information about a specified association between a Resolver query logging configuration and an Amazon VPC. When you associate a VPC with a query logging configuration, Resolver logs DNS queries that originate in that VPC
*
* Access Level: Read
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverQueryLogConfigAssociation.html
*/
toGetResolverQueryLogConfigAssociation() {
return this.to('GetResolverQueryLogConfigAssociation');
}
/**
* Grants permission to get information about a specified Resolver query logging policy, which specifies the Resolver query logging operations and resources that you want to allow another AWS account to use
*
* Access Level: Read
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverQueryLogConfigPolicy.html
*/
toGetResolverQueryLogConfigPolicy() {
return this.to('GetResolverQueryLogConfigPolicy');
}
/**
* Grants permission to get information about a specified Resolver rule, such as the domain name that the rule forwards DNS queries for and the IP address that queries are forwarded to
*
* Access Level: Read
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverRule.html
*/
toGetResolverRule() {
return this.to('GetResolverRule');
}
/**
* Grants permission to get information about an association between a specified Resolver rule and a VPC
*
* Access Level: Read
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverRuleAssociation.html
*/
toGetResolverRuleAssociation() {
return this.to('GetResolverRuleAssociation');
}
/**
* Grants permission to get information about a Resolver rule policy, which specifies the Resolver operations and resources that you want to allow another AWS account to use
*
* Access Level: Read
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverRulePolicy.html
*/
toGetResolverRulePolicy() {
return this.to('GetResolverRulePolicy');
}
/**
* Grants permission to add, remove or replace Firewall domains in a Firewall domain list
*
* Access Level: Write
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ImportFirewallDomains.html
*/
toImportFirewallDomains() {
return this.to('ImportFirewallDomains');
}
/**
* Grants permission to list all the Firewall config that current AWS account is able to check
*
* Access Level: List
*
* Dependent actions:
* - ec2:DescribeVpcs
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListFirewallConfigs.html
*/
toListFirewallConfigs() {
return this.to('ListFirewallConfigs');
}
/**
* Grants permission to list all the Firewall domain list that current AWS account is able to use
*
* Access Level: List
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListFirewallDomainLists.html
*/
toListFirewallDomainLists() {
return this.to('ListFirewallDomainLists');
}
/**
* Grants permission to list all the Firewall domain under a specified Firewall domain list
*
* Access Level: List
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListFirewallDomains.html
*/
toListFirewallDomains() {
return this.to('ListFirewallDomains');
}
/**
* Grants permission to list information about associations between Amazon VPCs and Firewall rule group
*
* Access Level: List
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListFirewallRuleGroupAssociations.html
*/
toListFirewallRuleGroupAssociations() {
return this.to('ListFirewallRuleGroupAssociations');
}
/**
* Grants permission to list all the Firewall rule group that current AWS account is able to use
*
* Access Level: List
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListFirewallRuleGroups.html
*/
toListFirewallRuleGroups() {
return this.to('ListFirewallRuleGroups');
}
/**
* Grants permission to list all the Firewall rule under a specified Firewall rule group
*
* Access Level: List
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListFirewallRules.html
*/
toListFirewallRules() {
return this.to('ListFirewallRules');
}
/**
* Grants permission to list all instances of Route 53 Resolver on Outposts that were created using the current AWS account
*
* Access Level: List
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListOutpostResolvers.html
*/
toListOutpostResolvers() {
return this.to('ListOutpostResolvers');
}
/**
* Grants permission to list Resolver Config statuses
*
* Access Level: List
*
* Dependent actions:
* - ec2:DescribeVpcs
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverConfigs.html
*/
toListResolverConfigs() {
return this.to('ListResolverConfigs');
}
/**
* Grants permission to list the DNSSEC validation support status for DNS queries
*
* Access Level: List
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverDnssecConfigs.html
*/
toListResolverDnssecConfigs() {
return this.to('ListResolverDnssecConfigs');
}
/**
* Grants permission to list the IP addresses that DNS queries pass through on the way to your network (outbound) or your VPCs (inbound) for a specified Resolver endpoint
*
* Access Level: List
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverEndpointIpAddresses.html
*/
toListResolverEndpointIpAddresses() {
return this.to('ListResolverEndpointIpAddresses');
}
/**
* Grants permission to list all the Resolver endpoints that were created using the current AWS account
*
* Access Level: List
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverEndpoints.html
*/
toListResolverEndpoints() {
return this.to('ListResolverEndpoints');
}
/**
* Grants permission to list information about associations between Amazon VPCs and query logging configurations
*
* Access Level: List
*
* Dependent actions:
* - ec2:DescribeVpcs
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverQueryLogConfigAssociations.html
*/
toListResolverQueryLogConfigAssociations() {
return this.to('ListResolverQueryLogConfigAssociations');
}
/**
* Grants permission to list information about the specified query logging configurations, which define where you want Resolver to save DNS query logs and specify the VPCs that you want to log queries for
*
* Access Level: List
*
* Dependent actions:
* - ec2:DescribeVpcs
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverQueryLogConfigs.html
*/
toListResolverQueryLogConfigs() {
return this.to('ListResolverQueryLogConfigs');
}
/**
* Grants permission to list the associations that were created between Resolver rules and VPCs using the current AWS account
*
* Access Level: List
*
* Dependent actions:
* - ec2:DescribeVpcs
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverRuleAssociations.html
*/
toListResolverRuleAssociations() {
return this.to('ListResolverRuleAssociations');
}
/**
* Grants permission to list the Resolver rules that were created using the current AWS account
*
* Access Level: List
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverRules.html
*/
toListResolverRules() {
return this.to('ListResolverRules');
}
/**
* Grants permission to list the tags that you associated with the specified resource
*
* Access Level: Read
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListTagsForResource.html
*/
toListTagsForResource() {
return this.to('ListTagsForResource');
}
/**
* Grants permission to specify an AWS account that you want to share a Firewall rule group with, the Firewall rule group that you want to share, and the operations that you want the account to be able to perform on the configuration
*
* Access Level: Permissions management
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_PutFirewallRuleGroupPolicy.html
*/
toPutFirewallRuleGroupPolicy() {
return this.to('PutFirewallRuleGroupPolicy');
}
/**
* Grants permission to specify an AWS account that you want to share a query logging configuration with, the query logging configuration that you want to share, and the operations that you want the account to be able to perform on the configuration
*
* Access Level: Permissions management
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_PutResolverQueryLogConfigPolicy.html
*/
toPutResolverQueryLogConfigPolicy() {
return this.to('PutResolverQueryLogConfigPolicy');
}
/**
* Grants permission to specify an AWS account that you want to share rules with, the Resolver rules that you want to share, and the operations that you want the account to be able to perform on those rules
*
* Access Level: Permissions management
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_PutResolverRulePolicy.html
*/
toPutResolverRulePolicy() {
return this.to('PutResolverRulePolicy');
}
/**
* Grants permission to add one or more tags to a specified resource
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_TagResource.html
*/
toTagResource() {
return this.to('TagResource');
}
/**
* Grants permission to remove one or more tags from a specified resource
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UntagResource.html
*/
toUntagResource() {
return this.to('UntagResource');
}
/**
* Grants permission to update selected settings for an Firewall config
*
* Access Level: Write
*
* Dependent actions:
* - ec2:DescribeVpcs
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateFirewallConfig.html
*/
toUpdateFirewallConfig() {
return this.to('UpdateFirewallConfig');
}
/**
* Grants permission to add, remove or replace Firewall domains in a Firewall domain list
*
* Access Level: Write
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateFirewallDomains.html
*/
toUpdateFirewallDomains() {
return this.to('UpdateFirewallDomains');
}
/**
* Grants permission to update selected settings for an Firewall rule in a Firewall rule group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateFirewallRule.html
*/
toUpdateFirewallRule() {
return this.to('UpdateFirewallRule');
}
/**
* Grants permission to update selected settings for an Firewall rule group association
*
* Access Level: Write
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateFirewallRuleGroupAssociation.html
*/
toUpdateFirewallRuleGroupAssociation() {
return this.to('UpdateFirewallRuleGroupAssociation');
}
/**
* Grants permission to update seletected settings for a specified Route 53 Resolver on Outposts
*
* Access Level: Write
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateOutpostResolver.html
*/
toUpdateOutpostResolver() {
return this.to('UpdateOutpostResolver');
}
/**
* Grants permission to update the Resolver Config status within the specified resource
*
* Access Level: Write
*
* Dependent actions:
* - ec2:DescribeVpcs
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateResolverConfig.html
*/
toUpdateResolverConfig() {
return this.to('UpdateResolverConfig');
}
/**
* Grants permission to update the DNSSEC validation support status for DNS queries within the specified resource
*
* Access Level: Write
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateResolverDnssecConfig.html
*/
toUpdateResolverDnssecConfig() {
return this.to('UpdateResolverDnssecConfig');
}
/**
* Grants permission to update selected settings for an inbound or an outbound Resolver endpoint
*
* Access Level: Write
*
* Dependent actions:
* - ec2:AssignIpv6Addresses
* - ec2:DescribeNetworkInterfaces
* - ec2:DescribeSubnets
* - ec2:ModifyNetworkInterfaceAttribute
* - ec2:UnassignIpv6Addresses
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateResolverEndpoint.html
*/
toUpdateResolverEndpoint() {
return this.to('UpdateResolverEndpoint');
}
/**
* Grants permission to update settings for a specified Resolver rule
*
* Access Level: Write
*
* https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateResolverRule.html
*/
toUpdateResolverRule() {
return this.to('UpdateResolverRule');
}
/**
* Adds a resource of type resolver-dnssec-config to the statement
*
* https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/access-control-overview.html#access-control-resources
*
* @param resourceId - Identifier for the resourceId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onResolverDnssecConfig(resourceId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:route53resolver:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:resolver-dnssec-config/${resourceId}`);
}
/**
* Adds a resource of type resolver-query-log-config to the statement
*
* https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/access-control-overview.html#access-control-resources
*
* @param resourceId - Identifier for the resourceId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onResolverQueryLogConfig(resourceId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:route53resolver:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:resolver-query-log-config/${resourceId}`);
}
/**
* Adds a resource of type resolver-rule to the statement
*
* https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/access-control-overview.html#access-control-resources
*
* @param resourceId - Identifier for the resourceId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onResolverRule(resourceId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:route53resolver:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:resolver-rule/${resourceId}`);
}
/**
* Adds a resource of type autodefined-rule to the statement
*
* https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/access-control-overview.html#access-control-resources
*
* @param resourceId - Identifier for the resourceId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onAutodefinedRule(resourceId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:route53resolver:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:autodefined-rule/${resourceId}`);
}
/**
* Adds a resource of type resolver-endpoint to the statement
*
* https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/access-control-overview.html#access-control-resources
*
* @param resourceId - Identifier for the resourceId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onResolverEndpoint(resourceId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:route53resolver:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:resolver-endpoint/${resourceId}`);
}
/**
* Adds a resource of type firewall-rule-group to the statement
*
* https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/access-control-overview.html#access-control-resources
*
* @param resourceId - Identifier for the resourceId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onFirewallRuleGroup(resourceId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:route53resolver:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:firewall-rule-group/${resourceId}`);
}
/**
* Adds a resource of type firewall-rule-group-association to the statement
*
* https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/access-control-overview.html#access-control-resources
*
* @param resourceId - Identifier for the resourceId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onFirewallRuleGroupAssociation(resourceId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:route53resolver:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:firewall-rule-group-association/${resourceId}`);
}
/**
* Adds a resource of type firewall-domain-list to the statement
*
* https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/access-control-overview.html#access-control-resources
*
* @param resourceId - Identifier for the resourceId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onFirewallDomainList(resourceId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:route53resolver:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:firewall-domain-list/${resourceId}`);
}
/**
* Adds a resource of type firewall-config to the statement
*
* https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/access-control-overview.html#access-control-resources
*
* @param resourceId - Identifier for the resourceId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onFirewallConfig(resourceId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:route53resolver:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:firewall-config/${resourceId}`);
}
/**
* Adds a resource of type resolver-config to the statement
*
* https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/access-control-overview.html#access-control-resources
*
* @param resourceId - Identifier for the resourceId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*/
onResolverConfig(resourceId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:route53resolver:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:resolver-config/${resourceId}`);
}
/**
* Adds a resource of type outpost-resolver to the statement
*
* https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/access-control-overview.html#access-control-resources
*
* @param resourceId - Identifier for the resourceId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onOutpostResolver(resourceId, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:route53resolver:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:outpost-resolver/${resourceId}`);
}
/**
* Filters access by the presence of tag key-value pairs in the request
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag
*
* Applies to actions:
* - .toAssociateFirewallRuleGroup()
* - .toCreateFirewallDomainList()
* - .toCreateFirewallRuleGroup()
* - .toCreateOutpostResolver()
* - .toCreateResolverEndpoint()
* - .toCreateResolverQueryLogConfig()
* - .toCreateResolverRule()
* - .toTagResource()
*
* @param tagKey The tag key to check
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsRequestTag(tagKey, value, operator) {
return this.if(`aws:RequestTag/${tagKey}`, value, operator ?? 'StringLike');
}
/**
* Filters access by the presence of tag key-value pairs attached to the resource
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag
*
* Applies to resource types:
* - resolver-dnssec-config
* - resolver-query-log-config
* - resolver-rule
* - autodefined-rule
* - resolver-endpoint
* - firewall-rule-group
* - firewall-rule-group-association
* - firewall-domain-list
* - firewall-config
* - outpost-resolver
*
* @param tagKey The tag key to check
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsResourceTag(tagKey, value, operator) {
return this.if(`aws:ResourceTag/${tagKey}`, value, operator ?? 'StringLike');
}
/**
* Filters access by the presence of tag keys in the request
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys
*
* Applies to actions:
* - .toAssociateFirewallRuleGroup()
* - .toCreateFirewallDomainList()
* - .toCreateFirewallRuleGroup()
* - .toCreateOutpostResolver()
* - .toCreateResolverEndpoint()
* - .toCreateResolverQueryLogConfig()
* - .toCreateResolverRule()
* - .toTagResource()
* - .toUntagResource()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsTagKeys(value, operator) {
return this.if(`aws:TagKeys`, value, operator ?? 'StringLike');
}
}
exports.Route53resolver = Route53resolver;
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicm91dGU1M3Jlc29sdmVyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsicm91dGU1M3Jlc29sdmVyLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUNBLHlDQUF5RDtBQUV6RDs7OztHQUlHO0FBQ0gsTUFBYSxlQUFnQixTQUFRLHdCQUFlO0lBR2xEOzs7O09BSUc7SUFDSCxZQUFZLEdBQVk7UUFDdEIsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDO1FBUk4sa0JBQWEsR0FBRyxpQkFBaUIsQ0FBQztRQSsxQi9CLG9CQUFlLEdBQW9CO1lBQzNDLEtBQUssRUFBRTtnQkFDTCw0QkFBNEI7Z0JBQzVCLG9DQUFvQztnQkFDcEMsaUNBQWlDO2dCQUNqQyx1QkFBdUI7Z0JBQ3ZCLDBCQUEwQjtnQkFDMUIsb0JBQW9CO2dCQUNwQix5QkFBeUI7Z0JBQ3pCLHVCQUF1QjtnQkFDdkIsd0JBQXdCO2dCQUN4Qiw4QkFBOEI7Z0JBQzlCLG9CQUFvQjtnQkFDcEIsMEJBQTBCO2dCQUMxQixvQkFBb0I7Z0JBQ3BCLHlCQUF5QjtnQkFDekIsdUJBQXVCO2dCQUN2Qix3QkFBd0I7Z0JBQ3hCLDhCQUE4QjtnQkFDOUIsb0JBQW9CO2dCQUNwQiwrQkFBK0I7Z0JBQy9CLHVDQUF1QztnQkFDdkMsb0NBQW9DO2dCQUNwQywwQkFBMEI7Z0JBQzFCLHVCQUF1QjtnQkFDdkIsc0JBQXNCO2dCQUN0Qix1QkFBdUI7Z0JBQ3ZCLG9CQUFvQjtnQkFDcEIsb0NBQW9DO2dCQUNwQyx1QkFBdUI7Z0JBQ3ZCLHNCQUFzQjtnQkFDdEIsNEJBQTRCO2dCQUM1Qix3QkFBd0I7Z0JBQ3hCLG9CQUFvQjthQUNyQjtZQUNELElBQUksRUFBRTtnQkFDSixtQkFBbUI7Z0JBQ25CLHVCQUF1QjtnQkFDdkIsc0JBQXNCO2dCQUN0QixpQ0FBaUM7Z0JBQ2pDLDRCQUE0QjtnQkFDNUIsb0JBQW9CO2dCQUNwQixtQkFBbUI7Z0JBQ25CLHlCQUF5QjtnQkFDekIscUJBQXFCO2dCQUNyQiwyQkFBMkI7Z0JBQzNCLHNDQUFzQztnQkFDdEMsaUNBQWlDO2dCQUNqQyxpQkFBaUI7Z0JBQ2pCLDRCQUE0QjtnQkFDNUIsdUJBQXVCO2dCQUN2QixxQkFBcUI7YUFDdEI7WUFDRCxJQUFJLEVBQUU7Z0JBQ0oscUJBQXFCO2dCQUNyQix5QkFBeUI7Z0JBQ3pCLHFCQUFxQjtnQkFDckIsbUNBQW1DO2dCQUNuQyx3QkFBd0I7Z0JBQ3hCLG1CQUFtQjtnQkFDbkIsc0JBQXNCO2dCQUN0QixxQkFBcUI7Z0JBQ3JCLDJCQUEyQjtnQkFDM0IsaUNBQWlDO2dCQUNqQyx1QkFBdUI7Z0JBQ3ZCLHdDQUF3QztnQkFDeEMsNkJBQTZCO2dCQUM3Qiw4QkFBOEI7Z0JBQzlCLG1CQUFtQjthQUNwQjtZQUNELHdCQUF3QixFQUFFO2dCQUN4Qiw0QkFBNEI7Z0JBQzVCLGlDQUFpQztnQkFDakMsdUJBQXVCO2FBQ3hCO1lBQ0QsT0FBTyxFQUFFO2dCQUNQLGFBQWE7Z0JBQ2IsZUFBZTthQUNoQjtTQUNGLENBQUM7SUFyNkJGLENBQUM7SUFFRDs7Ozs7Ozs7Ozs7OztPQWFHO0lBQ0ksNEJBQTRCO1FBQ2pDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyw0QkFBNEIsQ0FBQyxDQUFDO0lBQy9DLENBQUM7SUFFRDs7Ozs7Ozs7Ozs7T0FXRztJQUNJLG9DQUFvQztRQUN6QyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsb0NBQW9DLENBQUMsQ0FBQztJQUN2RCxDQUFDO0lBRUQ7Ozs7Ozs7OztPQVNHO0lBQ0ksaUNBQWlDO1FBQ3RDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxpQ0FBaUMsQ0FBQyxDQUFDO0lBQ3BELENBQUM7SUFFRDs7Ozs7Ozs7O09BU0c7SUFDSSx1QkFBdUI7UUFDNUIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHVCQUF1QixDQUFDLENBQUM7SUFDMUMsQ0FBQztJQUVEOzs7Ozs7Ozs7O09BVUc7SUFDSSwwQkFBMEI7UUFDL0IsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLDBCQUEwQixDQUFDLENBQUM7SUFDN0MsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLG9CQUFvQjtRQUN6QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsb0JBQW9CLENBQUMsQ0FBQztJQUN2QyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7T0FVRztJQUNJLHlCQUF5QjtRQUM5QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMseUJBQXlCLENBQUMsQ0FBQztJQUM1QyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7Ozs7T0FhRztJQUNJLHVCQUF1QjtRQUM1QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsdUJBQXVCLENBQUMsQ0FBQztJQUMxQyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7Ozs7Ozs7O09BaUJHO0lBQ0ksd0JBQXdCO1FBQzdCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyx3QkFBd0IsQ0FBQyxDQUFDO0lBQzNDLENBQUM7SUFFRDs7Ozs7Ozs7OztPQVVHO0lBQ0ksOEJBQThCO1FBQ25DLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyw4QkFBOEIsQ0FBQyxDQUFDO0lBQ2pELENBQUM7SUFFRDs7Ozs7Ozs7OztPQVVHO0lBQ0ksb0JBQW9CO1FBQ3pCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxvQkFBb0IsQ0FBQyxDQUFDO0lBQ3ZDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSwwQkFBMEI7UUFDL0IsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLDBCQUEwQixDQUFDLENBQUM7SUFDN0MsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLG9CQUFvQjtRQUN6QixPQUFPLEl