
iam-floyd


AWS IAM policy statement generator with fluent interface

import { AccessLevelList } from '../../shared/access-level';
import { PolicyStatement, Operator } from '../../shared';
/**
 * Statement provider for service [servicediscovery](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscloudmap.html).
 *
 * The linked service authorization reference is the AWS Cloud Map one. Every
 * `to*` (action), `on*` (resource) and `if*` (condition) method is declared to
 * return `this`, so calls chain on a single statement.
 *
 * @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement
 */
export declare class Servicediscovery extends PolicyStatement {
    /**
     * IAM service prefix of the actions on this statement.
     *
     * NOTE(review): presumably `servicediscovery`, per the class documentation;
     * the value is assigned in the implementation, which this declaration does not show.
     */
    servicePrefix: string;
    /**
     * Statement provider for service [servicediscovery](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscloudmap.html).
     *
     * @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement
     */
    constructor(sid?: string);
    /**
     * Grants permission to create an HTTP namespace
     *
     * Access Level: Write
     *
     * Possible conditions:
     * - .ifAwsTagKeys()
     * - .ifAwsRequestTag()
     *
     * https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateHttpNamespace.html
     */
    toCreateHttpNamespace(): this;
    /**
     * Grants permission to create a private namespace based on DNS, which will be visible only inside a specified Amazon VPC
     *
     * Access Level: Write
     *
     * Possible conditions:
     * - .ifAwsTagKeys()
     * - .ifAwsRequestTag()
     *
     * https://docs.aws.amazon.com/cloud-map/latest/api/API_CreatePrivateDnsNamespace.html
     */
    toCreatePrivateDnsNamespace(): this;
    /**
     * Grants permission to create a public namespace based on DNS, which will be visible on the internet
     *
     * The namespace is public by definition, so grant this action only to
     * principals that are meant to publish internet-visible DNS names. The two
     * tag conditions below are the only condition keys listed for narrowing it.
     *
     * Access Level: Write
     *
     * Possible conditions:
     * - .ifAwsTagKeys()
     * - .ifAwsRequestTag()
     *
     * https://docs.aws.amazon.com/cloud-map/latest/api/API_CreatePublicDnsNamespace.html
     */
    toCreatePublicDnsNamespace(): this;
    /**
     * Grants permission to create a service
     *
     * Access Level: Write
     *
     * Possible conditions:
     * - .ifNamespaceArn()
     * - .ifAwsTagKeys()
     * - .ifAwsRequestTag()
     *
     * https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateService.html
     */
    toCreateService(): this;
    /**
     * Grants permission to delete a specified namespace
     *
     * Access Level: Write
     *
     * https://docs.aws.amazon.com/cloud-map/latest/api/API_DeleteNamespace.html
     */
    toDeleteNamespace(): this;
    /**
     * Grants permission to delete the RAM access control policy for a namespace
     *
     * Access Level: Write
     *
     * https://docs.aws.amazon.com/cloud-map/latest/dg/sharing-namespaces.html
     */
    toDeleteResourcePolicy(): this;
    /**
     * Grants permission to delete a specified service
     *
     * Access Level: Write
     *
     * Possible conditions:
     * - .ifServiceCreatedByAccount()
     *
     * https://docs.aws.amazon.com/cloud-map/latest/api/API_DeleteService.html
     */
    toDeleteService(): this;
    /**
     * Grants permission to delete specified attributes from a service
     *
     * Access Level: Write
     *
     * Possible conditions:
     * - .ifServiceCreatedByAccount()
     *
     * https://docs.aws.amazon.com/cloud-map/latest/api/API_DeleteServiceAttributes.html
     */
    toDeleteServiceAttributes(): this;
    /**
     * Grants permission to delete the records and the health check, if any, that Amazon Route 53 created for the specified instance
     *
     * Access Level: Write
     *
     * Possible conditions:
     * - .ifServiceArn()
     * - .ifServiceCreatedByAccount()
     *
     * https://docs.aws.amazon.com/cloud-map/latest/api/API_DeregisterInstance.html
     */
    toDeregisterInstance(): this;
    /**
     * Grants permission to discover registered instances for a specified namespace and service
     *
     * Access Level: Read
     *
     * Possible conditions:
     * - .ifNamespaceName()
     * - .ifServiceName()
     *
     * https://docs.aws.amazon.com/cloud-map/latest/api/API_DiscoverInstances.html
     */
    toDiscoverInstances(): this;
    /**
     * Grants permission to discover the revision of the instances for a specified namespace and service
     *
     * Access Level: Read
     *
     * Possible conditions:
     * - .ifNamespaceName()
     * - .ifServiceName()
     *
     * https://docs.aws.amazon.com/cloud-map/latest/api/API_DiscoverInstancesRevision.html
     */
    toDiscoverInstancesRevision(): this;
    /**
     * Grants permission to get information about a specified instance
     *
     * Access Level: Read
     *
     * Possible conditions:
     * - .ifServiceArn()
     *
     * https://docs.aws.amazon.com/cloud-map/latest/api/API_GetInstance.html
     */
    toGetInstance(): this;
    /**
     * Grants permission to get the current health status (Healthy, Unhealthy, or Unknown) of one or more instances
     *
     * Access Level: Read
     *
     * Possible conditions:
     * - .ifServiceArn()
     *
     * https://docs.aws.amazon.com/cloud-map/latest/api/API_GetInstancesHealthStatus.html
     */
    toGetInstancesHealthStatus(): this;
    /**
     * Grants permission to get information about a namespace
     *
     * Access Level: Read
     *
     * https://docs.aws.amazon.com/cloud-map/latest/api/API_GetNamespace.html
     */
    toGetNamespace(): this;
    /**
     * Grants permission to get information about a specific operation
     *
     * Access Level: Read
     *
     * https://docs.aws.amazon.com/cloud-map/latest/api/API_GetOperation.html
     */
    toGetOperation(): this;
    /**
     * Grants permission to read the RAM access control policy for a namespace
     *
     * Access Level: Read
     *
     * https://docs.aws.amazon.com/cloud-map/latest/dg/sharing-namespaces.html
     */
    toGetResourcePolicy(): this;
    /**
     * Grants permission to get the settings for a specified service
     *
     * Access Level: Read
     *
     * https://docs.aws.amazon.com/cloud-map/latest/api/API_GetService.html
     */
    toGetService(): this;
    /**
     * Grants permission to get the attributes for a specified service
     *
     * Access Level: Read
     *
     * https://docs.aws.amazon.com/cloud-map/latest/api/API_GetServiceAttributes.html
     */
    toGetServiceAttributes(): this;
    /**
     * Grants permission to get summary information about the instances that were registered with a specified service
     *
     * Access Level: Read
     *
     * Possible conditions:
     * - .ifServiceArn()
     *
     * https://docs.aws.amazon.com/cloud-map/latest/api/API_ListInstances.html
     */
    toListInstances(): this;
    /**
     * Grants permission to get information about the namespaces
     *
     * Access Level: Read
     *
     * https://docs.aws.amazon.com/cloud-map/latest/api/API_ListNamespaces.html
     */
    toListNamespaces(): this;
    /**
     * Grants permission to list operations that match the criteria that you specify
     *
     * Access Level: List
     *
     * https://docs.aws.amazon.com/cloud-map/latest/api/API_ListOperations.html
     */
    toListOperations(): this;
    /**
     * Grants permission to get settings for all the services that match specified filters
     *
     * Access Level: Read
     *
     * https://docs.aws.amazon.com/cloud-map/latest/api/API_ListServices.html
     */
    toListServices(): this;
    /**
     * Grants permission to list tags for the specified resource
     *
     * Access Level: Read
     *
     * https://docs.aws.amazon.com/cloud-map/latest/api/API_ListTagsForResource.html
     */
    toListTagsForResource(): this;
    /**
     * Grants permission to define the RAM access control policy for a namespace
     *
     * The policy written by this action is the access control policy used for
     * sharing the namespace, so although the access level is listed as Write,
     * review grants of it the way a permissions change would be reviewed. No
     * condition keys are listed for this action.
     *
     * Access Level: Write
     *
     * https://docs.aws.amazon.com/cloud-map/latest/dg/sharing-namespaces.html
     */
    toPutResourcePolicy(): this;
    /**
     * Grants permission to register an instance based on the settings in a specified service
     *
     * Registered instances are what the discover actions hand back to callers,
     * so narrow this grant with the conditions below instead of leaving it open
     * to every service.
     *
     * Access Level: Write
     *
     * Possible conditions:
     * - .ifServiceArn()
     * - .ifServiceCreatedByAccount()
     *
     * https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html
     */
    toRegisterInstance(): this;
    /**
     * Grants permission to add one or more tags to the specified resource
     *
     * Access Level: Tagging
     *
     * Possible conditions:
     * - .ifAwsTagKeys()
     * - .ifAwsRequestTag()
     *
     * https://docs.aws.amazon.com/cloud-map/latest/api/API_TagResource.html
     */
    toTagResource(): this;
    /**
     * Grants permission to remove one or more tags from the specified resource
     *
     * Access Level: Tagging
     *
     * Possible conditions:
     * - .ifAwsTagKeys()
     *
     * https://docs.aws.amazon.com/cloud-map/latest/api/API_UntagResource.html
     */
    toUntagResource(): this;
    /**
     * Grants permission to update the settings for an HTTP namespace
     *
     * Access Level: Write
     *
     * https://docs.aws.amazon.com/cloud-map/latest/api/API_UpdateHttpNamespace.html
     */
    toUpdateHttpNamespace(): this;
    /**
     * Grants permission to update the current health status for an instance that has a custom health check
     *
     * Access Level: Write
     *
     * Possible conditions:
     * - .ifServiceArn()
     * - .ifServiceCreatedByAccount()
     *
     * https://docs.aws.amazon.com/cloud-map/latest/api/API_UpdateInstanceCustomHealthStatus.html
     */
    toUpdateInstanceCustomHealthStatus(): this;
    /**
     * Grants permission to update the settings for a private DNS namespace
     *
     * Access Level: Write
     *
     * https://docs.aws.amazon.com/cloud-map/latest/api/API_UpdatePrivateDnsNamespace.html
     */
    toUpdatePrivateDnsNamespace(): this;
    /**
     * Grants permission to update the settings for a public DNS namespace
     *
     * Access Level: Write
     *
     * https://docs.aws.amazon.com/cloud-map/latest/api/API_UpdatePublicDnsNamespace.html
     */
    toUpdatePublicDnsNamespace(): this;
    /**
     * Grants permission to update the settings in a specified service
     *
     * Access Level: Write
     *
     * Possible conditions:
     * - .ifServiceCreatedByAccount()
     *
     * https://docs.aws.amazon.com/cloud-map/latest/api/API_UpdateService.html
     */
    toUpdateService(): this;
    /**
     * Grants permission to update the attributes in a specified service
     *
     * Access Level: Write
     *
     * Possible conditions:
     * - .ifServiceCreatedByAccount()
     *
     * https://docs.aws.amazon.com/cloud-map/latest/api/API_UpdateServiceAttributes.html
     */
    toUpdateServiceAttributes(): this;
    /**
     * NOTE(review): presumably groups this service's actions by the access
     * levels named in the method docs (Write, Read, List, Tagging); the contents
     * are defined in the implementation, not in this declaration.
     */
    protected accessLevelList: AccessLevelList;
    /**
     * Adds a resource of type namespace to the statement
     *
     * Outside the CDK, leaving `account` and `region` unset yields `*` for both
     * (see the parameter notes), so the resource matches this namespace id in
     * any account and region. Pass explicit values when the statement should be
     * limited to one account or region.
     *
     * https://docs.aws.amazon.com/cloud-map/latest/dg/API_Namespace.html
     *
     * @param namespaceId - Identifier for the namespaceId.
     * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
     * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
     * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
     *
     * Possible conditions:
     * - .ifAwsResourceTag()
     */
    onNamespace(namespaceId: string, account?: string, region?: string, partition?: string): this;
    /**
     * Adds a resource of type service to the statement
     *
     * Outside the CDK, leaving `account` and `region` unset yields `*` for both
     * (see the parameter notes), so the resource matches this service id in any
     * account and region. Pass explicit values when the statement should be
     * limited to one account or region.
     *
     * https://docs.aws.amazon.com/cloud-map/latest/dg/API_Service.html
     *
     * @param serviceId - Identifier for the serviceId.
     * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
     * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
     * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
     *
     * Possible conditions:
     * - .ifAwsResourceTag()
     */
    onService(serviceId: string, account?: string, region?: string, partition?: string): this;
    /**
     * Filters actions based on the tags that are passed in the request
     *
     * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag
     *
     * Applies to actions:
     * - .toCreateHttpNamespace()
     * - .toCreatePrivateDnsNamespace()
     * - .toCreatePublicDnsNamespace()
     * - .toCreateService()
     * - .toTagResource()
     *
     * @param tagKey The tag key to check
     * @param value The value(s) to check
     * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`. With `StringLike`, `*` and `?` in `value` act as wildcards; pass an exact-match string operator when a literal comparison is intended.
     */
    ifAwsRequestTag(tagKey: string, value: string | string[], operator?: Operator | string): this;
    /**
     * Filters actions based on the tags associated with the resource
     *
     * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag
     *
     * Applies to resource types:
     * - namespace
     * - service
     *
     * @param tagKey The tag key to check
     * @param value The value(s) to check
     * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`. With `StringLike`, `*` and `?` in `value` act as wildcards; pass an exact-match string operator when a literal comparison is intended.
     */
    ifAwsResourceTag(tagKey: string, value: string | string[], operator?: Operator | string): this;
    /**
     * Filters actions based on the tag keys that are passed in the request
     *
     * NOTE(review): the linked IAM condition key can carry several tag keys in
     * one request; confirm how this library expresses the set operator
     * (`ForAllValues` / `ForAnyValue`) before relying on the default.
     *
     * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys
     *
     * Applies to actions:
     * - .toCreateHttpNamespace()
     * - .toCreatePrivateDnsNamespace()
     * - .toCreatePublicDnsNamespace()
     * - .toCreateService()
     * - .toTagResource()
     * - .toUntagResource()
     *
     * @param value The value(s) to check
     * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`. With `StringLike`, `*` and `?` in `value` act as wildcards.
     */
    ifAwsTagKeys(value: string | string[], operator?: Operator | string): this;
    /**
     * Filters access by specifying the Amazon Resource Name (ARN) for the related namespace
     *
     * https://docs.aws.amazon.com/cloud-map/latest/dg/access-control-overview.html#specifying-conditions
     *
     * Applies to actions:
     * - .toCreateService()
     *
     * @param value The value(s) to check
     * @param operator Works with [arn operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_ARN). **Default:** `ArnLike`. `ArnLike` accepts wildcards inside ARN segments, so give the full ARN when a single namespace is meant.
     */
    ifNamespaceArn(value: string | string[], operator?: Operator | string): this;
    /**
     * Filters access by specifying the name of the related namespace
     *
     * https://docs.aws.amazon.com/cloud-map/latest/dg/access-control-overview.html#specifying-conditions
     *
     * Applies to actions:
     * - .toDiscoverInstances()
     * - .toDiscoverInstancesRevision()
     *
     * @param value The value(s) to check
     * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`. With `StringLike`, `*` and `?` in `value` act as wildcards; pass an exact-match string operator when a literal comparison is intended.
     */
    ifNamespaceName(value: string | string[], operator?: Operator | string): this;
    /**
     * Filters access by specifying the Amazon Resource Name (ARN) for the related service
     *
     * https://docs.aws.amazon.com/cloud-map/latest/dg/access-control-overview.html#specifying-conditions
     *
     * Applies to actions:
     * - .toDeregisterInstance()
     * - .toGetInstance()
     * - .toGetInstancesHealthStatus()
     * - .toListInstances()
     * - .toRegisterInstance()
     * - .toUpdateInstanceCustomHealthStatus()
     *
     * @param value The value(s) to check
     * @param operator Works with [arn operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_ARN). **Default:** `ArnLike`. `ArnLike` accepts wildcards inside ARN segments, so give the full ARN when a single service is meant.
     */
    ifServiceArn(value: string | string[], operator?: Operator | string): this;
    /**
     * Filters access by specifying the account id of the related service creator
     *
     * https://docs.aws.amazon.com/cloud-map/latest/dg/access-control-overview.html#specifying-conditions
     *
     * Applies to actions:
     * - .toDeleteService()
     * - .toDeleteServiceAttributes()
     * - .toDeregisterInstance()
     * - .toRegisterInstance()
     * - .toUpdateInstanceCustomHealthStatus()
     * - .toUpdateService()
     * - .toUpdateServiceAttributes()
     *
     * @param value The value(s) to check
     * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`. With `StringLike`, `*` and `?` in `value` act as wildcards; pass an exact-match string operator when comparing against one full account id.
     */
    ifServiceCreatedByAccount(value: string | string[], operator?: Operator | string): this;
    /**
     * Filters access by specifying the name of the related service
     *
     * https://docs.aws.amazon.com/cloud-map/latest/dg/access-control-overview.html#specifying-conditions
     *
     * Applies to actions:
     * - .toDiscoverInstances()
     * - .toDiscoverInstancesRevision()
     *
     * @param value The value(s) to check
     * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`. With `StringLike`, `*` and `?` in `value` act as wildcards; pass an exact-match string operator when a literal comparison is intended.
     */
    ifServiceName(value: string | string[], operator?: Operator | string): this;
}