iam-floyd

import { AccessLevelList } from '../../shared/access-level'; import { PolicyStatement, Operator } from '../../shared'; /** * Statement provider for service [datasync](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsdatasync.html). * * @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement */ export declare class Datasync extends PolicyStatement { servicePrefix: string; /** * Statement provider for service [datasync](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsdatasync.html). * * @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement */ constructor(sid?: string); /** * Grants permission to create a storage system * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsResourceTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/datasync/latest/userguide/API_AddStorageSystem.html */ toAddStorageSystem(): this; /** * Grants permission to cancel execution of a sync task * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/datasync/latest/userguide/API_CancelTaskExecution.html */ toCancelTaskExecution(): this; /** * Grants permission to activate an agent that you have deployed on your host * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateAgent.html */ toCreateAgent(): this; /** * Grants permission to create an endpoint for a Microsoft Azure Blob Storage container * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationAzureBlob.html */ toCreateLocationAzureBlob(): this; /** * Grants permission to create an endpoint for an Amazon EFS file system * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationEfs.html */ toCreateLocationEfs(): this; /** * Grants permission to create an endpoint for an Amazon Fsx Lustre * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationFsxLustre.html */ toCreateLocationFsxLustre(): this; /** * Grants permission to create an endpoint for Amazon FSx for ONTAP * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationFsxOntap.html */ toCreateLocationFsxOntap(): this; /** * Grants permission to create an endpoint for Amazon FSx for OpenZFS * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationFsxOpenZfs.html */ toCreateLocationFsxOpenZfs(): this; /** * Grants permission to create an endpoint for an Amazon FSx Windows File Server file system * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationFsxWindows.html */ toCreateLocationFsxWindows(): this; /** * Grants permission to create an endpoint for an Amazon Hdfs * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationHdfs.html */ toCreateLocationHdfs(): this; /** * Grants permission to create an endpoint for a NFS file system * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationNfs.html */ toCreateLocationNfs(): this; /** * Grants permission to create an endpoint for a self-managed object storage bucket * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationObjectStorage.html */ toCreateLocationObjectStorage(): this; /** * Grants permission to create an endpoint for an Amazon S3 bucket * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationS3.html */ toCreateLocationS3(): this; /** * Grants permission to create an endpoint for an SMB file system * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationSmb.html */ toCreateLocationSmb(): this; /** * Grants permission to create a sync task * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateTask.html */ toCreateTask(): this; /** * Grants permission to delete an agent * * Access Level: Write * * https://docs.aws.amazon.com/datasync/latest/userguide/API_DeleteAgent.html */ toDeleteAgent(): this; /** * Grants permission to delete a location used by AWS DataSync * * Access Level: Write * * https://docs.aws.amazon.com/datasync/latest/userguide/API_DeleteLocation.html */ toDeleteLocation(): this; /** * Grants permission to delete a sync task * * Access Level: Write * * https://docs.aws.amazon.com/datasync/latest/userguide/API_DeleteTask.html */ toDeleteTask(): this; /** * Grants permission to view metadata such as name, network interfaces, and the status (that is, whether the agent is running or not) about a sync agent * * Access Level: Read * * https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeAgent.html */ toDescribeAgent(): this; /** * Grants permission to describe metadata about a discovery job * * Access Level: Read * * https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeDiscoveryJob.html */ toDescribeDiscoveryJob(): this; /** * Grants permission to view metadata, such as the path information about an Azure Blob Storage sync location * * Access Level: Read * * https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeLocationAzureBlob.html */ toDescribeLocationAzureBlob(): this; /** * Grants permission to view metadata, such as the path information about an Amazon EFS sync location * * Access Level: Read * * https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeLocationEfs.html */ toDescribeLocationEfs(): this; /** * Grants permission to view metadata, such as the path information about an Amazon FSx Lustre sync location * * Access Level: Read * * https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeLocationFsxLustre.html */ toDescribeLocationFsxLustre(): this; /** * Grants permission to view metadata, such as the path information about an Amazon FSx for ONTAP sync location * * Access Level: Read * * https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeLocationFsxOntap.html */ toDescribeLocationFsxOntap(): this; /** * Grants permission to view metadata, such as the path information about an Amazon FSx OpenZFS sync location * * Access Level: Read * * https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeLocationFsxOpenZfs.html */ toDescribeLocationFsxOpenZfs(): this; /** * Grants permission to view metadata, such as the path information about an Amazon FSx Windows sync location * * Access Level: Read * * https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeLocationFsxWindows.html */ toDescribeLocationFsxWindows(): this; /** * Grants permission to view metadata, such as the path information about an Amazon HDFS sync location * * Access Level: Read * * https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeLocationHdfs.html */ toDescribeLocationHdfs(): this; /** * Grants permission to view metadata, such as the path information, about a NFS sync location * * Access Level: Read * * https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeLocationNfs.html */ toDescribeLocationNfs(): this; /** * Grants permission to view metadata about a self-managed object storage server location * * Access Level: Read * * https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeLocationObjectStorage.html */ toDescribeLocationObjectStorage(): this; /** * Grants permission to view metadata, such as bucket name, about an Amazon S3 bucket sync location * * Access Level: Read * * https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeLocationS3.html */ toDescribeLocationS3(): this; /** * Grants permission to view metadata, such as the path information, about an SMB sync location * * Access Level: Read * * https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeLocationSmb.html */ toDescribeLocationSmb(): this; /** * Grants permission to view metadata about a storage system * * Access Level: Read * * https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeStorageSystem.html */ toDescribeStorageSystem(): this; /** * Grants permission to describe resource metrics collected by a discovery job * * Access Level: List * * https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeStorageSystemResourceMetrics.html */ toDescribeStorageSystemResourceMetrics(): this; /** * Grants permission to describe resources identified by a discovery job * * Access Level: List * * https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeStorageSystemResources.html */ toDescribeStorageSystemResources(): this; /** * Grants permission to view metadata about a sync task * * Access Level: Read * * https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeTask.html */ toDescribeTask(): this; /** * Grants permission to view metadata about a sync task that is being executed * * Access Level: Read * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeTaskExecution.html */ toDescribeTaskExecution(): this; /** * Grants permission to generate recommendations for a resource identified by a discovery job * * Access Level: Write * * https://docs.aws.amazon.com/datasync/latest/userguide/API_GenerateRecommendations.html */ toGenerateRecommendations(): this; /** * Grants permission to list agents owned by an AWS account in a region specified in the request * * Access Level: List * * https://docs.aws.amazon.com/datasync/latest/userguide/API_ListAgents.html */ toListAgents(): this; /** * Grants permission to list discovery jobs * * Access Level: List * * https://docs.aws.amazon.com/datasync/latest/userguide/API_ListDiscoveryJobs.html */ toListDiscoveryJobs(): this; /** * Grants permission to list source and destination sync locations * * Access Level: List * * https://docs.aws.amazon.com/datasync/latest/userguide/API_ListLocations.html */ toListLocations(): this; /** * Grants permission to list storage systems * * Access Level: List * * https://docs.aws.amazon.com/datasync/latest/userguide/API_ListStorageSystems.html */ toListStorageSystems(): this; /** * Grants permission to list tags that have been added to the specified resource * * Access Level: Read * * https://docs.aws.amazon.com/datasync/latest/userguide/API_ListTagsForResource.html */ toListTagsForResource(): this; /** * Grants permission to list executed sync tasks * * Access Level: List * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/datasync/latest/userguide/API_ListTaskExecutions.html */ toListTaskExecutions(): this; /** * Grants permission to list of all the sync tasks * * Access Level: List * * https://docs.aws.amazon.com/datasync/latest/userguide/API_ListTasks.html */ toListTasks(): this; /** * Grants permission to delete a storage system * * Access Level: Write * * https://docs.aws.amazon.com/datasync/latest/userguide/API_RemoveStorageSystem.html */ toRemoveStorageSystem(): this; /** * Grants permission to start a discovery job for a storage system * * Access Level: Write * * https://docs.aws.amazon.com/datasync/latest/userguide/API_StartDiscoveryJob.html */ toStartDiscoveryJob(): this; /** * Grants permission to start a specific invocation of a sync task * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsResourceTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/datasync/latest/userguide/API_StartTaskExecution.html */ toStartTaskExecution(): this; /** * Grants permission to stop a discovery job * * Access Level: Write * * https://docs.aws.amazon.com/datasync/latest/userguide/API_StopDiscoveryJob.html */ toStopDiscoveryJob(): this; /** * Grants permission to apply a key-value pair to an AWS resource * * Access Level: Tagging * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/datasync/latest/userguide/API_TagResource.html */ toTagResource(): this; /** * Grants permission to remove one or more tags from the specified resource * * Access Level: Tagging * * Possible conditions: * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/datasync/latest/userguide/API_UntagResource.html */ toUntagResource(): this; /** * Grants permission to update the name of an agent * * Access Level: Write * * https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateAgent.html */ toUpdateAgent(): this; /** * Grants permission to update a discovery job * * Access Level: Write * * https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateDiscoveryJob.html */ toUpdateDiscoveryJob(): this; /** * Grants permission to update an Azure Blob Storage sync location * * Access Level: Write * * https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateLocationAzureBlob.html */ toUpdateLocationAzureBlob(): this; /** * Grants permission to update an EFS sync Location * * Access Level: Write * * https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateLocationEfs.html */ toUpdateLocationEfs(): this; /** * Grants permission to update an FSx Lustre sync Location * * Access Level: Write * * https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateLocationFsxLustre.html */ toUpdateLocationFsxLustre(): this; /** * Grants permission to update an FSx ONTAP sync Location * * Access Level: Write * * https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateLocationFsxOntap.html */ toUpdateLocationFsxOntap(): this; /** * Grants permission to update an FSx OpenZFS sync Location * * Access Level: Write * * https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateLocationFsxOpenZfs.html */ toUpdateLocationFsxOpenZfs(): this; /** * Grants permission to update an FSx Windows sync Location * * Access Level: Write * * https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateLocationFsxWindows.html */ toUpdateLocationFsxWindows(): this; /** * Grants permission to update an HDFS sync Location * * Access Level: Write * * https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateLocationHdfs.html */ toUpdateLocationHdfs(): this; /** * Grants permission to update an NFS sync Location * * Access Level: Write * * https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateLocationNfs.html */ toUpdateLocationNfs(): this; /** * Grants permission to update a self-managed object storage server location * * Access Level: Write * * https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateLocationObjectStorage.html */ toUpdateLocationObjectStorage(): this; /** * Grants permission to update an S3 sync Location * * Access Level: Write * * https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateLocationS3.html */ toUpdateLocationS3(): this; /** * Grants permission to update a SMB sync location * * Access Level: Write * * https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateLocationSmb.html */ toUpdateLocationSmb(): this; /** * Grants permission to update a storage system * * Access Level: Write * * https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateStorageSystem.html */ toUpdateStorageSystem(): this; /** * Grants permission to update metadata associated with a sync task * * Access Level: Write * * https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateTask.html */ toUpdateTask(): this; /** * Grants permission to update execution of a sync task * * Access Level: Write * * Possible conditions: * - .ifAwsResourceTag() * * https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateTaskExecution.html */ toUpdateTaskExecution(): this; protected accessLevelList: AccessLevelList; /** * Adds a resource of type agent to the statement * * https://docs.aws.amazon.com/datasync/latest/userguide/working-with-agents.html * * @param agentId - Identifier for the agentId. * @param accountId - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onAgent(agentId: string, accountId?: string, region?: string, partition?: string): this; /** * Adds a resource of type location to the statement * * https://docs.aws.amazon.com/datasync/latest/userguide/working-with-locations.html * * @param locationId - Identifier for the locationId. * @param accountId - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onLocation(locationId: string, accountId?: string, region?: string, partition?: string): this; /** * Adds a resource of type task to the statement * * https://docs.aws.amazon.com/datasync/latest/userguide/working-with-tasks.html * * @param taskId - Identifier for the taskId. * @param accountId - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onTask(taskId: string, accountId?: string, region?: string, partition?: string): this; /** * Adds a resource of type taskexecution to the statement * * https://docs.aws.amazon.com/datasync/latest/userguide/working-with-task-executions.html * * @param taskId - Identifier for the taskId. * @param executionId - Identifier for the executionId. * @param accountId - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onTaskexecution(taskId: string, executionId: string, accountId?: string, region?: string, partition?: string): this; /** * Adds a resource of type storagesystem to the statement * * https://docs.aws.amazon.com/datasync/latest/userguide/discovery-configure-storage.html * * @param storageSystemId - Identifier for the storageSystemId. * @param accountId - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onStoragesystem(storageSystemId: string, accountId?: string, region?: string, partition?: string): this; /** * Adds a resource of type discoveryjob to the statement * * https://docs.aws.amazon.com/datasync/latest/userguide/discovery-job-create.html * * @param storageSystemId - Identifier for the storageSystemId. * @param discoveryJobId - Identifier for the discoveryJobId. * @param accountId - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onDiscoveryjob(storageSystemId: string, discoveryJobId: string, accountId?: string, region?: string, partition?: string): this; /** * Filters access by the tag key-value pairs in the request * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag * * Applies to actions: * - .toAddStorageSystem() * - .toCreateAgent() * - .toCreateLocationAzureBlob() * - .toCreateLocationEfs() * - .toCreateLocationFsxLustre() * - .toCreateLocationFsxOntap() * - .toCreateLocationFsxOpenZfs() * - .toCreateLocationFsxWindows() * - .toCreateLocationHdfs() * - .toCreateLocationNfs() * - .toCreateLocationObjectStorage() * - .toCreateLocationS3() * - .toCreateLocationSmb() * - .toCreateTask() * - .toStartTaskExecution() * - .toTagResource() * * @param tagKey The tag key to check * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsRequestTag(tagKey: string, value: string | string[], operator?: Operator | string): this; /** * Filters access by the tag key-value pairs associated with the resource * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag * * Applies to actions: * - .toAddStorageSystem() * - .toCancelTaskExecution() * - .toDescribeTaskExecution() * - .toListTaskExecutions() * - .toStartTaskExecution() * - .toUpdateTaskExecution() * * Applies to resource types: * - agent * - location * - task * - taskexecution * - storagesystem * - discoveryjob * * @param tagKey The tag key to check * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsResourceTag(tagKey: string, value: string | string[], operator?: Operator | string): this; /** * Filters access by the tag keys in the request * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys * * Applies to actions: * - .toAddStorageSystem() * - .toCreateAgent() * - .toCreateLocationAzureBlob() * - .toCreateLocationEfs() * - .toCreateLocationFsxLustre() * - .toCreateLocationFsxOntap() * - .toCreateLocationFsxOpenZfs() * - .toCreateLocationFsxWindows() * - .toCreateLocationHdfs() * - .toCreateLocationNfs() * - .toCreateLocationObjectStorage() * - .toCreateLocationS3() * - .toCreateLocationSmb() * - .toCreateTask() * - .toStartTaskExecution() * - .toTagResource() * - .toUntagResource() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsTagKeys(value: string | string[], operator?: Operator | string): this; }