iam-floyd
Version:
AWS IAM policy statement generator with fluent interface
1,258 lines • 1.84 MB
JavaScript
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.Ec2 = void 0;
const shared_1 = require("../../shared");
/**
* Statement provider for service [ec2](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonec2.html).
*
* @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement
*/
class Ec2 extends shared_1.PolicyStatement {
/**
* Statement provider for service [ec2](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonec2.html).
*
* @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement
*/
constructor(sid) {
super(sid);
this.servicePrefix = 'ec2';
this.accessLevelList = {
Write: [
'AcceptAddressTransfer',
'AcceptCapacityReservationBillingOwnership',
'AcceptReservedInstancesExchangeQuote',
'AcceptTransitGatewayMulticastDomainAssociations',
'AcceptTransitGatewayPeeringAttachment',
'AcceptTransitGatewayVpcAttachment',
'AcceptVpcEndpointConnections',
'AcceptVpcPeeringConnection',
'AdvertiseByoipCidr',
'AllocateAddress',
'AllocateHosts',
'AllocateIpamPoolCidr',
'ApplySecurityGroupsToClientVpnTargetNetwork',
'AssignIpv6Addresses',
'AssignPrivateIpAddresses',
'AssignPrivateNatGatewayAddress',
'AssociateAddress',
'AssociateCapacityReservationBillingOwner',
'AssociateClientVpnTargetNetwork',
'AssociateDhcpOptions',
'AssociateEnclaveCertificateIamRole',
'AssociateIamInstanceProfile',
'AssociateInstanceEventWindow',
'AssociateIpamByoasn',
'AssociateIpamResourceDiscovery',
'AssociateNatGatewayAddress',
'AssociateRouteServer',
'AssociateRouteTable',
'AssociateSecurityGroupVpc',
'AssociateSubnetCidrBlock',
'AssociateTransitGatewayMulticastDomain',
'AssociateTransitGatewayPolicyTable',
'AssociateTransitGatewayRouteTable',
'AssociateTrunkInterface',
'AssociateVerifiedAccessInstanceWebAcl',
'AssociateVpcCidrBlock',
'AttachClassicLinkVpc',
'AttachInternetGateway',
'AttachNetworkInterface',
'AttachVerifiedAccessTrustProvider',
'AttachVolume',
'AttachVpnGateway',
'AuthorizeClientVpnIngress',
'AuthorizeSecurityGroupEgress',
'AuthorizeSecurityGroupIngress',
'BundleInstance',
'CancelBundleTask',
'CancelCapacityReservation',
'CancelCapacityReservationFleets',
'CancelConversionTask',
'CancelDeclarativePoliciesReport',
'CancelExportTask',
'CancelImportTask',
'CancelReservedInstancesListing',
'CancelSpotFleetRequests',
'CancelSpotInstanceRequests',
'ConfirmProductInstance',
'CopyFpgaImage',
'CopyImage',
'CopySnapshot',
'CopyVolumes',
'CreateCapacityManagerDataExport',
'CreateCapacityReservation',
'CreateCapacityReservationBySplitting',
'CreateCapacityReservationFleet',
'CreateCarrierGateway',
'CreateClientVpnEndpoint',
'CreateClientVpnRoute',
'CreateCoipCidr',
'CreateCoipPool',
'CreateCustomerGateway',
'CreateDefaultSubnet',
'CreateDefaultVpc',
'CreateDelegateMacVolumeOwnershipTask',
'CreateDhcpOptions',
'CreateEgressOnlyInternetGateway',
'CreateFleet',
'CreateFlowLogs',
'CreateFpgaImage',
'CreateImage',
'CreateImageUsageReport',
'CreateInstanceConnectEndpoint',
'CreateInstanceEventWindow',
'CreateInstanceExportTask',
'CreateInternetGateway',
'CreateIpam',
'CreateIpamExternalResourceVerificationToken',
'CreateIpamPool',
'CreateIpamResourceDiscovery',
'CreateIpamScope',
'CreateKeyPair',
'CreateLaunchTemplate',
'CreateLaunchTemplateVersion',
'CreateLocalGatewayRoute',
'CreateLocalGatewayRouteTable',
'CreateLocalGatewayRouteTableVirtualInterfaceGroupAssociation',
'CreateLocalGatewayRouteTableVpcAssociation',
'CreateLocalGatewayVirtualInterface',
'CreateLocalGatewayVirtualInterfaceGroup',
'CreateMacSystemIntegrityProtectionModificationTask',
'CreateManagedPrefixList',
'CreateNatGateway',
'CreateNetworkAcl',
'CreateNetworkAclEntry',
'CreateNetworkInsightsAccessScope',
'CreateNetworkInsightsPath',
'CreateNetworkInterface',
'CreatePlacementGroup',
'CreatePublicIpv4Pool',
'CreateReplaceRootVolumeTask',
'CreateReservedInstancesListing',
'CreateRestoreImageTask',
'CreateRoute',
'CreateRouteServer',
'CreateRouteServerEndpoint',
'CreateRouteServerPeer',
'CreateRouteTable',
'CreateSecurityGroup',
'CreateSnapshot',
'CreateSnapshots',
'CreateSpotDatafeedSubscription',
'CreateStoreImageTask',
'CreateSubnet',
'CreateSubnetCidrReservation',
'CreateTrafficMirrorFilter',
'CreateTrafficMirrorFilterRule',
'CreateTrafficMirrorSession',
'CreateTrafficMirrorTarget',
'CreateTransitGateway',
'CreateTransitGatewayConnect',
'CreateTransitGatewayConnectPeer',
'CreateTransitGatewayMulticastDomain',
'CreateTransitGatewayPeeringAttachment',
'CreateTransitGatewayPolicyTable',
'CreateTransitGatewayPrefixListReference',
'CreateTransitGatewayRoute',
'CreateTransitGatewayRouteTable',
'CreateTransitGatewayRouteTableAnnouncement',
'CreateTransitGatewayVpcAttachment',
'CreateVerifiedAccessEndpoint',
'CreateVerifiedAccessGroup',
'CreateVerifiedAccessInstance',
'CreateVerifiedAccessTrustProvider',
'CreateVolume',
'CreateVpc',
'CreateVpcBlockPublicAccessExclusion',
'CreateVpcEndpoint',
'CreateVpcEndpointConnectionNotification',
'CreateVpcEndpointServiceConfiguration',
'CreateVpcPeeringConnection',
'CreateVpnConnection',
'CreateVpnConnectionRoute',
'CreateVpnGateway',
'DeleteCapacityManagerDataExport',
'DeleteCarrierGateway',
'DeleteClientVpnEndpoint',
'DeleteClientVpnRoute',
'DeleteCoipCidr',
'DeleteCoipPool',
'DeleteCustomerGateway',
'DeleteDhcpOptions',
'DeleteEgressOnlyInternetGateway',
'DeleteFleets',
'DeleteFlowLogs',
'DeleteFpgaImage',
'DeleteImageUsageReport',
'DeleteInstanceConnectEndpoint',
'DeleteInstanceEventWindow',
'DeleteInternetGateway',
'DeleteIpam',
'DeleteIpamExternalResourceVerificationToken',
'DeleteIpamPool',
'DeleteIpamResourceDiscovery',
'DeleteIpamScope',
'DeleteKeyPair',
'DeleteLaunchTemplate',
'DeleteLaunchTemplateVersions',
'DeleteLocalGatewayRoute',
'DeleteLocalGatewayRouteTable',
'DeleteLocalGatewayRouteTableVirtualInterfaceGroupAssociation',
'DeleteLocalGatewayRouteTableVpcAssociation',
'DeleteLocalGatewayVirtualInterface',
'DeleteLocalGatewayVirtualInterfaceGroup',
'DeleteManagedPrefixList',
'DeleteNatGateway',
'DeleteNetworkAcl',
'DeleteNetworkAclEntry',
'DeleteNetworkInsightsAccessScope',
'DeleteNetworkInsightsAccessScopeAnalysis',
'DeleteNetworkInsightsAnalysis',
'DeleteNetworkInsightsPath',
'DeleteNetworkInterface',
'DeletePlacementGroup',
'DeletePublicIpv4Pool',
'DeleteQueuedReservedInstances',
'DeleteRoute',
'DeleteRouteServer',
'DeleteRouteServerEndpoint',
'DeleteRouteServerPeer',
'DeleteRouteTable',
'DeleteSecurityGroup',
'DeleteSnapshot',
'DeleteSpotDatafeedSubscription',
'DeleteSubnet',
'DeleteSubnetCidrReservation',
'DeleteTrafficMirrorFilter',
'DeleteTrafficMirrorFilterRule',
'DeleteTrafficMirrorSession',
'DeleteTrafficMirrorTarget',
'DeleteTransitGateway',
'DeleteTransitGatewayConnect',
'DeleteTransitGatewayConnectPeer',
'DeleteTransitGatewayMulticastDomain',
'DeleteTransitGatewayPeeringAttachment',
'DeleteTransitGatewayPolicyTable',
'DeleteTransitGatewayPrefixListReference',
'DeleteTransitGatewayRoute',
'DeleteTransitGatewayRouteTable',
'DeleteTransitGatewayRouteTableAnnouncement',
'DeleteTransitGatewayVpcAttachment',
'DeleteVerifiedAccessEndpoint',
'DeleteVerifiedAccessGroup',
'DeleteVerifiedAccessInstance',
'DeleteVerifiedAccessTrustProvider',
'DeleteVolume',
'DeleteVpc',
'DeleteVpcBlockPublicAccessExclusion',
'DeleteVpcEndpointConnectionNotifications',
'DeleteVpcEndpointServiceConfigurations',
'DeleteVpcEndpoints',
'DeleteVpcPeeringConnection',
'DeleteVpnConnection',
'DeleteVpnConnectionRoute',
'DeleteVpnGateway',
'DeprovisionByoipCidr',
'DeprovisionIpamByoasn',
'DeprovisionIpamPoolCidr',
'DeprovisionPublicIpv4PoolCidr',
'DeregisterImage',
'DeregisterInstanceEventNotificationAttributes',
'DeregisterTransitGatewayMulticastGroupMembers',
'DeregisterTransitGatewayMulticastGroupSources',
'DetachClassicLinkVpc',
'DetachInternetGateway',
'DetachNetworkInterface',
'DetachVerifiedAccessTrustProvider',
'DetachVolume',
'DetachVpnGateway',
'DisableAddressTransfer',
'DisableAllowedImagesSettings',
'DisableAwsNetworkPerformanceMetricSubscription',
'DisableCapacityManager',
'DisableEbsEncryptionByDefault',
'DisableFastLaunch',
'DisableFastSnapshotRestores',
'DisableImage',
'DisableImageDeprecation',
'DisableImageDeregistrationProtection',
'DisableIpamOrganizationAdminAccount',
'DisableRouteServerPropagation',
'DisableSerialConsoleAccess',
'DisableTransitGatewayRouteTablePropagation',
'DisableVgwRoutePropagation',
'DisableVpcClassicLink',
'DisableVpcClassicLinkDnsSupport',
'DisassociateAddress',
'DisassociateCapacityReservationBillingOwner',
'DisassociateClientVpnTargetNetwork',
'DisassociateEnclaveCertificateIamRole',
'DisassociateIamInstanceProfile',
'DisassociateInstanceEventWindow',
'DisassociateIpamByoasn',
'DisassociateIpamResourceDiscovery',
'DisassociateNatGatewayAddress',
'DisassociateRouteServer',
'DisassociateRouteTable',
'DisassociateSecurityGroupVpc',
'DisassociateSubnetCidrBlock',
'DisassociateTransitGatewayMulticastDomain',
'DisassociateTransitGatewayPolicyTable',
'DisassociateTransitGatewayRouteTable',
'DisassociateTrunkInterface',
'DisassociateVerifiedAccessInstanceWebAcl',
'DisassociateVpcCidrBlock',
'EnableAddressTransfer',
'EnableAllowedImagesSettings',
'EnableAwsNetworkPerformanceMetricSubscription',
'EnableCapacityManager',
'EnableEbsEncryptionByDefault',
'EnableFastLaunch',
'EnableFastSnapshotRestores',
'EnableImage',
'EnableImageDeprecation',
'EnableImageDeregistrationProtection',
'EnableIpamOrganizationAdminAccount',
'EnableReachabilityAnalyzerOrganizationSharing',
'EnableRouteServerPropagation',
'EnableSerialConsoleAccess',
'EnableTransitGatewayRouteTablePropagation',
'EnableVgwRoutePropagation',
'EnableVolumeIO',
'EnableVpcClassicLink',
'EnableVpcClassicLinkDnsSupport',
'ExportImage',
'ExportTransitGatewayRoutes',
'ImportByoipCidrToIpam',
'ImportClientVpnClientCertificateRevocationList',
'ImportImage',
'ImportInstance',
'ImportKeyPair',
'ImportSnapshot',
'ImportVolume',
'InjectApiError',
'LockSnapshot',
'ModifyAddressAttribute',
'ModifyAvailabilityZoneGroup',
'ModifyCapacityReservation',
'ModifyCapacityReservationFleet',
'ModifyClientVpnEndpoint',
'ModifyDefaultCreditSpecification',
'ModifyEbsDefaultKmsKeyId',
'ModifyFleet',
'ModifyFpgaImageAttribute',
'ModifyHosts',
'ModifyIdFormat',
'ModifyIdentityIdFormat',
'ModifyImageAttribute',
'ModifyInstanceAttribute',
'ModifyInstanceCapacityReservationAttributes',
'ModifyInstanceConnectEndpoint',
'ModifyInstanceCpuOptions',
'ModifyInstanceCreditSpecification',
'ModifyInstanceEventStartTime',
'ModifyInstanceEventWindow',
'ModifyInstanceMaintenanceOptions',
'ModifyInstanceMetadataDefaults',
'ModifyInstanceMetadataOptions',
'ModifyInstanceNetworkPerformanceOptions',
'ModifyInstancePlacement',
'ModifyIpam',
'ModifyIpamPool',
'ModifyIpamResourceCidr',
'ModifyIpamResourceDiscovery',
'ModifyIpamScope',
'ModifyLaunchTemplate',
'ModifyLocalGatewayRoute',
'ModifyManagedPrefixList',
'ModifyNetworkInterfaceAttribute',
'ModifyPrivateDnsNameOptions',
'ModifyPublicIpDnsNameOptions',
'ModifyReservedInstances',
'ModifyRouteServer',
'ModifySecurityGroupRules',
'ModifySnapshotTier',
'ModifySpotFleetRequest',
'ModifySubnetAttribute',
'ModifyTrafficMirrorFilterNetworkServices',
'ModifyTrafficMirrorFilterRule',
'ModifyTrafficMirrorSession',
'ModifyTransitGateway',
'ModifyTransitGatewayPrefixListReference',
'ModifyTransitGatewayVpcAttachment',
'ModifyVerifiedAccessEndpoint',
'ModifyVerifiedAccessEndpointPolicy',
'ModifyVerifiedAccessGroup',
'ModifyVerifiedAccessGroupPolicy',
'ModifyVerifiedAccessInstance',
'ModifyVerifiedAccessInstanceLoggingConfiguration',
'ModifyVerifiedAccessTrustProvider',
'ModifyVolume',
'ModifyVolumeAttribute',
'ModifyVpcAttribute',
'ModifyVpcBlockPublicAccessExclusion',
'ModifyVpcBlockPublicAccessOptions',
'ModifyVpcEndpoint',
'ModifyVpcEndpointConnectionNotification',
'ModifyVpcEndpointServiceConfiguration',
'ModifyVpcEndpointServicePayerResponsibility',
'ModifyVpcPeeringConnectionOptions',
'ModifyVpcTenancy',
'ModifyVpnConnection',
'ModifyVpnConnectionOptions',
'ModifyVpnTunnelCertificate',
'ModifyVpnTunnelOptions',
'MonitorInstances',
'MoveAddressToVpc',
'MoveByoipCidrToIpam',
'MoveCapacityReservationInstances',
'PauseVolumeIO',
'ProvisionByoipCidr',
'ProvisionIpamByoasn',
'ProvisionIpamPoolCidr',
'ProvisionPublicIpv4PoolCidr',
'PurchaseCapacityBlock',
'PurchaseCapacityBlockExtension',
'PurchaseHostReservation',
'PurchaseReservedInstancesOffering',
'PurchaseScheduledInstances',
'RebootInstances',
'RegisterImage',
'RegisterInstanceEventNotificationAttributes',
'RegisterTransitGatewayMulticastGroupMembers',
'RegisterTransitGatewayMulticastGroupSources',
'RejectCapacityReservationBillingOwnership',
'RejectTransitGatewayMulticastDomainAssociations',
'RejectTransitGatewayPeeringAttachment',
'RejectTransitGatewayVpcAttachment',
'RejectVpcEndpointConnections',
'RejectVpcPeeringConnection',
'ReleaseAddress',
'ReleaseHosts',
'ReleaseIpamPoolAllocation',
'ReplaceIamInstanceProfileAssociation',
'ReplaceImageCriteriaInAllowedImagesSettings',
'ReplaceNetworkAclAssociation',
'ReplaceNetworkAclEntry',
'ReplaceRoute',
'ReplaceRouteTableAssociation',
'ReplaceTransitGatewayRoute',
'ReplaceVpnTunnel',
'ReportInstanceStatus',
'RequestSpotFleet',
'RequestSpotInstances',
'ResetAddressAttribute',
'ResetEbsDefaultKmsKeyId',
'ResetFpgaImageAttribute',
'ResetImageAttribute',
'ResetInstanceAttribute',
'ResetNetworkInterfaceAttribute',
'RestoreAddressToClassic',
'RestoreImageFromRecycleBin',
'RestoreManagedPrefixListVersion',
'RestoreSnapshotFromRecycleBin',
'RestoreSnapshotTier',
'RevokeClientVpnIngress',
'RevokeSecurityGroupEgress',
'RevokeSecurityGroupIngress',
'RunInstances',
'RunScheduledInstances',
'SendDiagnosticInterrupt',
'SendSpotInstanceInterruptions',
'StartInstances',
'StartNetworkInsightsAccessScopeAnalysis',
'StartNetworkInsightsAnalysis',
'StartVpcEndpointServicePrivateDnsVerification',
'StopInstances',
'TerminateClientVpnConnections',
'TerminateInstances',
'UnassignIpv6Addresses',
'UnassignPrivateIpAddresses',
'UnassignPrivateNatGatewayAddress',
'UnlockSnapshot',
'UnmonitorInstances',
'UpdateCapacityManagerOrganizationsAccess',
'UpdateSecurityGroupRuleDescriptionsEgress',
'UpdateSecurityGroupRuleDescriptionsIngress',
'WithdrawByoipCidr'
],
'Permissions management': [
'CancelImageLaunchPermission',
'CreateCoipPoolPermission',
'CreateLocalGatewayRouteTablePermission',
'CreateNetworkInterfacePermission',
'DeleteCoipPoolPermission',
'DeleteLocalGatewayRouteTablePermission',
'DeleteNetworkInterfacePermission',
'DeleteResourcePolicy',
'DisableImageBlockPublicAccess',
'DisableSnapshotBlockPublicAccess',
'EnableImageBlockPublicAccess',
'EnableSnapshotBlockPublicAccess',
'ModifySnapshotAttribute',
'ModifyVpcEndpointServicePermissions',
'PutResourcePolicy',
'ResetSnapshotAttribute'
],
Tagging: [
'CreateTags',
'DeleteTags'
],
List: [
'DescribeAccountAttributes',
'DescribeAddressTransfers',
'DescribeAddresses',
'DescribeAddressesAttribute',
'DescribeAggregateIdFormat',
'DescribeAvailabilityZones',
'DescribeAwsNetworkPerformanceMetricSubscriptions',
'DescribeBundleTasks',
'DescribeByoipCidrs',
'DescribeCapacityBlockExtensionHistory',
'DescribeCapacityBlockExtensionOfferings',
'DescribeCapacityBlockOfferings',
'DescribeCapacityBlockStatus',
'DescribeCapacityBlocks',
'DescribeCapacityManagerDataExports',
'DescribeCapacityReservationBillingRequests',
'DescribeCapacityReservationFleets',
'DescribeCapacityReservations',
'DescribeCarrierGateways',
'DescribeClassicLinkInstances',
'DescribeClientVpnAuthorizationRules',
'DescribeClientVpnConnections',
'DescribeClientVpnEndpoints',
'DescribeClientVpnRoutes',
'DescribeClientVpnTargetNetworks',
'DescribeCoipPools',
'DescribeConversionTasks',
'DescribeCustomerGateways',
'DescribeDeclarativePoliciesReports',
'DescribeDhcpOptions',
'DescribeEgressOnlyInternetGateways',
'DescribeElasticGpus',
'DescribeExportImageTasks',
'DescribeExportTasks',
'DescribeFastLaunchImages',
'DescribeFastSnapshotRestores',
'DescribeFleetHistory',
'DescribeFleetInstances',
'DescribeFleets',
'DescribeFlowLogs',
'DescribeFpgaImageAttribute',
'DescribeFpgaImages',
'DescribeHostReservationOfferings',
'DescribeHostReservations',
'DescribeHosts',
'DescribeIamInstanceProfileAssociations',
'DescribeIdFormat',
'DescribeIdentityIdFormat',
'DescribeImageAttribute',
'DescribeImageReferences',
'DescribeImageUsageReportEntries',
'DescribeImageUsageReports',
'DescribeImages',
'DescribeImportImageTasks',
'DescribeImportSnapshotTasks',
'DescribeInstanceAttribute',
'DescribeInstanceConnectEndpoints',
'DescribeInstanceCreditSpecifications',
'DescribeInstanceEventNotificationAttributes',
'DescribeInstanceEventWindows',
'DescribeInstanceImageMetadata',
'DescribeInstanceStatus',
'DescribeInstanceTopology',
'DescribeInstanceTypeOfferings',
'DescribeInstanceTypes',
'DescribeInstances',
'DescribeInternetGateways',
'DescribeIpamByoasn',
'DescribeIpamExternalResourceVerificationTokens',
'DescribeIpamPools',
'DescribeIpamResourceDiscoveries',
'DescribeIpamResourceDiscoveryAssociations',
'DescribeIpamScopes',
'DescribeIpams',
'DescribeIpv6Pools',
'DescribeKeyPairs',
'DescribeLaunchTemplateVersions',
'DescribeLaunchTemplates',
'DescribeLocalGatewayRouteTablePermissions',
'DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations',
'DescribeLocalGatewayRouteTableVpcAssociations',
'DescribeLocalGatewayRouteTables',
'DescribeLocalGatewayVirtualInterfaceGroups',
'DescribeLocalGatewayVirtualInterfaces',
'DescribeLocalGateways',
'DescribeLockedSnapshots',
'DescribeMacHosts',
'DescribeMacModificationTasks',
'DescribeManagedPrefixLists',
'DescribeMovingAddresses',
'DescribeNatGateways',
'DescribeNetworkAcls',
'DescribeNetworkInsightsAccessScopeAnalyses',
'DescribeNetworkInsightsAccessScopes',
'DescribeNetworkInsightsAnalyses',
'DescribeNetworkInsightsPaths',
'DescribeNetworkInterfaceAttribute',
'DescribeNetworkInterfacePermissions',
'DescribeNetworkInterfaces',
'DescribeOutpostLags',
'DescribePlacementGroups',
'DescribePrefixLists',
'DescribePrincipalIdFormat',
'DescribePublicIpv4Pools',
'DescribeRegions',
'DescribeReplaceRootVolumeTasks',
'DescribeReservedInstances',
'DescribeReservedInstancesListings',
'DescribeReservedInstancesModifications',
'DescribeReservedInstancesOfferings',
'DescribeRouteServerEndpoints',
'DescribeRouteServerPeers',
'DescribeRouteServers',
'DescribeRouteTables',
'DescribeScheduledInstanceAvailability',
'DescribeScheduledInstances',
'DescribeSecurityGroupReferences',
'DescribeSecurityGroupRules',
'DescribeSecurityGroupVpcAssociations',
'DescribeSecurityGroups',
'DescribeServiceLinkVirtualInterfaces',
'DescribeSnapshotAttribute',
'DescribeSnapshotTierStatus',
'DescribeSnapshots',
'DescribeSpotDatafeedSubscription',
'DescribeSpotFleetInstances',
'DescribeSpotFleetRequestHistory',
'DescribeSpotFleetRequests',
'DescribeSpotInstanceRequests',
'DescribeSpotPriceHistory',
'DescribeStaleSecurityGroups',
'DescribeStoreImageTasks',
'DescribeSubnets',
'DescribeTags',
'DescribeTrafficMirrorFilterRules',
'DescribeTrafficMirrorFilters',
'DescribeTrafficMirrorSessions',
'DescribeTrafficMirrorTargets',
'DescribeTransitGatewayAttachments',
'DescribeTransitGatewayConnectPeers',
'DescribeTransitGatewayConnects',
'DescribeTransitGatewayMulticastDomains',
'DescribeTransitGatewayPeeringAttachments',
'DescribeTransitGatewayPolicyTables',
'DescribeTransitGatewayRouteTableAnnouncements',
'DescribeTransitGatewayRouteTables',
'DescribeTransitGatewayVpcAttachments',
'DescribeTransitGateways',
'DescribeTrunkInterfaceAssociations',
'DescribeVerifiedAccessEndpoints',
'DescribeVerifiedAccessGroups',
'DescribeVerifiedAccessInstanceLoggingConfigurations',
'DescribeVerifiedAccessInstanceWebAclAssociations',
'DescribeVerifiedAccessInstances',
'DescribeVerifiedAccessTrustProviders',
'DescribeVolumeAttribute',
'DescribeVolumeStatus',
'DescribeVolumes',
'DescribeVolumesModifications',
'DescribeVpcAttribute',
'DescribeVpcBlockPublicAccessExclusions',
'DescribeVpcBlockPublicAccessOptions',
'DescribeVpcClassicLink',
'DescribeVpcClassicLinkDnsSupport',
'DescribeVpcEndpointAssociations',
'DescribeVpcEndpointConnectionNotifications',
'DescribeVpcEndpointConnections',
'DescribeVpcEndpointServiceConfigurations',
'DescribeVpcEndpointServicePermissions',
'DescribeVpcEndpointServices',
'DescribeVpcEndpoints',
'DescribeVpcPeeringConnections',
'DescribeVpcs',
'DescribeVpnConnections',
'DescribeVpnGateways',
'GetGroupsForCapacityReservation',
'GetInstanceMetadataDefaults',
'GetInstanceTypesFromInstanceRequirements',
'GetIpamPoolAllocations',
'GetTransitGatewayAttachmentPropagations',
'GetTransitGatewayMulticastDomainAssociations',
'GetTransitGatewayPolicyTableAssociations',
'GetTransitGatewayPolicyTableEntries',
'GetTransitGatewayPrefixListReferences',
'GetTransitGatewayRouteTableAssociations',
'GetTransitGatewayRouteTablePropagations',
'GetVerifiedAccessEndpointPolicy',
'GetVerifiedAccessEndpointTargets',
'GetVerifiedAccessGroupPolicy',
'GetVerifiedAccessInstanceWebAcl',
'GetVpnConnectionDeviceSampleConfiguration',
'GetVpnConnectionDeviceTypes',
'GetVpnTunnelReplacementStatus',
'ListImagesInRecycleBin',
'ListSnapshotsInRecycleBin',
'SearchLocalGatewayRoutes',
'SearchTransitGatewayMulticastGroups',
'SearchTransitGatewayRoutes'
],
Read: [
'ExportClientVpnClientCertificateRevocationList',
'ExportClientVpnClientConfiguration',
'ExportVerifiedAccessInstanceClientConfiguration',
'GetActiveVpnTunnelStatus',
'GetAllowedImagesSettings',
'GetAssociatedEnclaveCertificateIamRoles',
'GetAssociatedIpv6PoolCidrs',
'GetAwsNetworkPerformanceData',
'GetCapacityManagerAttributes',
'GetCapacityManagerMetricData',
'GetCapacityManagerMetricDimensions',
'GetCapacityReservationUsage',
'GetCoipPoolUsage',
'GetConsoleOutput',
'GetConsoleScreenshot',
'GetDeclarativePoliciesReportSummary',
'GetDefaultCreditSpecification',
'GetEbsDefaultKmsKeyId',
'GetEbsEncryptionByDefault',
'GetFlowLogsIntegrationTemplate',
'GetHostReservationPurchasePreview',
'GetImageBlockPublicAccessState',
'GetInstanceTpmEkPub',
'GetInstanceUefiData',
'GetIpamAddressHistory',
'GetIpamDiscoveredAccounts',
'GetIpamDiscoveredPublicAddresses',
'GetIpamDiscoveredResourceCidrs',
'GetIpamPoolCidrs',
'GetIpamResourceCidrs',
'GetLaunchTemplateData',
'GetManagedPrefixListAssociations',
'GetManagedPrefixListEntries',
'GetNetworkInsightsAccessScopeAnalysisFindings',
'GetNetworkInsightsAccessScopeContent',
'GetPasswordData',
'GetReservedInstancesExchangeQuote',
'GetResourcePolicy',
'GetRouteServerAssociations',
'GetRouteServerPropagations',
'GetRouteServerRoutingDatabase',
'GetSecurityGroupsForVpc',
'GetSerialConsoleAccessStatus',
'GetSnapshotBlockPublicAccessState',
'GetSpotPlacementScores',
'GetSubnetCidrReservations',
'StartDeclarativePoliciesReport'
]
};
}
/**
* Grants permission to accept an Elastic IP address transfer
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* Dependent actions:
* - ec2:CreateTags
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AcceptAddressTransfer.html
*/
toAcceptAddressTransfer() {
return this.to('AcceptAddressTransfer');
}
/**
* Grants permission to accept assign billing of the available capacity of a shared Capacity Reservation to the calling account
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AcceptCapacityReservationBillingOwnership.html
*/
toAcceptCapacityReservationBillingOwnership() {
return this.to('AcceptCapacityReservationBillingOwnership');
}
/**
* Grants permission to accept a Convertible Reserved Instance exchange quote
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AcceptReservedInstancesExchangeQuote.html
*/
toAcceptReservedInstancesExchangeQuote() {
return this.to('AcceptReservedInstancesExchangeQuote');
}
/**
* Grants permission to accept a request to associate subnets with a transit gateway multicast domain
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AcceptTransitGatewayMulticastDomainAssociations.html
*/
toAcceptTransitGatewayMulticastDomainAssociations() {
return this.to('AcceptTransitGatewayMulticastDomainAssociations');
}
/**
* Grants permission to accept a transit gateway peering attachment request
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AcceptTransitGatewayPeeringAttachment.html
*/
toAcceptTransitGatewayPeeringAttachment() {
return this.to('AcceptTransitGatewayPeeringAttachment');
}
/**
* Grants permission to accept a request to attach a VPC to a transit gateway
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AcceptTransitGatewayVpcAttachment.html
*/
toAcceptTransitGatewayVpcAttachment() {
return this.to('AcceptTransitGatewayVpcAttachment');
}
/**
* Grants permission to accept one or more interface VPC endpoint connections to your VPC endpoint service
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AcceptVpcEndpointConnections.html
*/
toAcceptVpcEndpointConnections() {
return this.to('AcceptVpcEndpointConnections');
}
/**
* Grants permission to accept a VPC peering connection request
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AcceptVpcPeeringConnection.html
*/
toAcceptVpcPeeringConnection() {
return this.to('AcceptVpcPeeringConnection');
}
/**
* Grants permission to advertise an IP address range that is provisioned for use in AWS through bring your own IP addresses (BYOIP)
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AdvertiseByoipCidr.html
*/
toAdvertiseByoipCidr() {
return this.to('AdvertiseByoipCidr');
}
/**
* Grants permission to allocate an Elastic IP address (EIP) to your account
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* Dependent actions:
* - ec2:CreateTags
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AllocateAddress.html
*/
toAllocateAddress() {
return this.to('AllocateAddress');
}
/**
* Grants permission to allocate a Dedicated Host to your account
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* Dependent actions:
* - ec2:CreateTags
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AllocateHosts.html
*/
toAllocateHosts() {
return this.to('AllocateHosts');
}
/**
* Grants permission to allocate a CIDR from an Amazon VPC IP Address Manager (IPAM) pool
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AllocateIpamPoolCidr.html
*/
toAllocateIpamPoolCidr() {
return this.to('AllocateIpamPoolCidr');
}
/**
* Grants permission to apply a security group to the association between a Client VPN endpoint and a target network
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ApplySecurityGroupsToClientVpnTargetNetwork.html
*/
toApplySecurityGroupsToClientVpnTargetNetwork() {
return this.to('ApplySecurityGroupsToClientVpnTargetNetwork');
}
/**
* Grants permission to assign one or more IPv6 addresses to a network interface
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssignIpv6Addresses.html
*/
toAssignIpv6Addresses() {
return this.to('AssignIpv6Addresses');
}
/**
* Grants permission to assign one or more secondary private IP addresses to a network interface
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssignPrivateIpAddresses.html
*/
toAssignPrivateIpAddresses() {
return this.to('AssignPrivateIpAddresses');
}
/**
* Grants permission to assign one or more secondary private IP addresses to a private NAT gateway
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssignPrivateNatGatewayAddress.html
*/
toAssignPrivateNatGatewayAddress() {
return this.to('AssignPrivateNatGatewayAddress');
}
/**
* Grants permission to associate an Elastic IP address (EIP) with an instance or a network interface
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateAddress.html
*/
toAssociateAddress() {
return this.to('AssociateAddress');
}
/**
* Grants permission to assign billing of the unused capacity of a shared Capacity Reservation to a consumer account
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateCapacityReservationBillingOwner.html
*/
toAssociateCapacityReservationBillingOwner() {
return this.to('AssociateCapacityReservationBillingOwner');
}
/**
* Grants permission to associate a target network with a Client VPN endpoint
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateClientVpnTargetNetwork.html
*/
toAssociateClientVpnTargetNetwork() {
return this.to('AssociateClientVpnTargetNetwork');
}
/**
* Grants permission to associate or disassociate a set of DHCP options with a VPC
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateDhcpOptions.html
*/
toAssociateDhcpOptions() {
return this.to('AssociateDhcpOptions');
}
/**
* Grants permission to associate an ACM certificate with an IAM role to be used in an EC2 Enclave
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateEnclaveCertificateIamRole.html
*/
toAssociateEnclaveCertificateIamRole() {
return this.to('AssociateEnclaveCertificateIamRole');
}
/**
* Grants permission to associate an IAM instance profile with a running or stopped instance
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* Dependent actions:
* - iam:PassRole
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateIamInstanceProfile.html
*/
toAssociateIamInstanceProfile() {
return this.to('AssociateIamInstanceProfile');
}
/**
* Grants permission to associate one or more targets with an event window
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateInstanceEventWindow.html
*/
toAssociateInstanceEventWindow() {
return this.to('AssociateInstanceEventWindow');
}
/**
* Grants permission to associate an Autonomous System Number (ASN) with a BYOIP CIDR
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateIpamByoasn.html
*/
toAssociateIpamByoasn() {
return this.to('AssociateIpamByoasn');
}
/**
* Grants permission to associate an IPAM resource discovery with an Amazon VPC IPAM
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* Dependent actions:
* - ec2:CreateTags
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateIpamResourceDiscovery.html
*/
toAssociateIpamResourceDiscovery() {
return this.to('AssociateIpamResourceDiscovery');
}
/**
* Grants permission to associate an Elastic IP address and private IP address with a public Nat gateway
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateNatGatewayAddress.html
*/
toAssociateNatGatewayAddress() {
return this.to('AssociateNatGatewayAddress');
}
/**
* Grants permission to associate a route server with a VPC
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateRouteServer.html
*/
toAssociateRouteServer() {
return this.to('AssociateRouteServer');
}
/**
* Grants permission to associate a subnet or gateway with a route table
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateRouteTable.html
*/
toAssociateRouteTable() {
return this.to('AssociateRouteTable');
}
/**
* Grants permission to associate a security group with another VPC in the same Region
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateSecurityGroupVpc.html
*/
toAssociateSecurityGroupVpc() {
return this.to('AssociateSecurityGroupVpc');
}
/**
* Grants permission to associate a CIDR block with a subnet
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateSubnetCidrBlock.html
*/
toAssociateSubnetCidrBlock() {
return this.to('AssociateSubnetCidrBlock');
}
/**
* Grants permission to associate an attachment and list of subnets with a transit gateway multicast domain
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateTransitGatewayMulticastDomain.html
*/
toAssociateTransitGatewayMulticastDomain() {
return this.to('AssociateTransitGatewayMulticastDomain');
}
/**
* Grants permission to associate a policy table with a transit gateway attachment
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateTransitGatewayPolicyTable.html
*/
toAssociateTransitGatewayPolicyTable() {
return this.to('AssociateTransitGatewayPolicyTable');
}
/**
* Grants permission to associate an attachment with a transit gateway route table
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateTransitGatewayRouteTable.html
*/
toAssociateTransitGatewayRouteTable() {
return this.to('AssociateTransitGatewayRouteTable');
}
/**
* Grants permission to associate a branch network interface with a trunk network interface
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateTrunkInterface.html
*/
toAssociateTrunkInterface() {
return this.to('AssociateTrunkInterface');
}
/**
* Grants permission to associate an AWS Web Application Firewall (WAF) web access control list (ACL) with a Verified Access instance
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/verified-access/latest/ug/waf-integration.html
*/
toAssociateVerifiedAccessInstanceWebAcl() {
return this.to('AssociateVerifiedAccessInstanceWebAcl');
}
/**
* Grants permission to associate a CIDR block with a VPC
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateVpcCidrBlock.html
*/
toAssociateVpcCidrBlock() {
return this.to('AssociateVpcCidrBlock');
}
/**
* Grants permission to link an EC2-Classic instance to a ClassicLink-enabled VPC through one or more of the VPC's security groups
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AttachClassicLinkVpc.html
*/
toAttachClassicLinkVpc() {
return this.to('AttachClassicLinkVpc');
}
/**
* Grants permission to attach an internet gateway to a VPC
*
* Access Level: Write
*
* Possible conditions:
* - .ifRegion()
*
* https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AttachInternetGateway.html
*/
toA