iam-floyd

import { AccessLevelList } from '../../shared/access-level'; import { PolicyStatement, Operator } from '../../shared'; /** * Statement provider for service [imagebuilder](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonec2imagebuilder.html). * * @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement */ export declare class Imagebuilder extends PolicyStatement { servicePrefix: string; /** * Statement provider for service [imagebuilder](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonec2imagebuilder.html). * * @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement */ constructor(sid?: string); /** * Grants permission to cancel an image creation * * Access Level: Write * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CancelImageCreation.html */ toCancelImageCreation(): this; /** * Grants permission to cancel a lifecycle execution * * Access Level: Write * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CancelLifecycleExecution.html */ toCancelLifecycleExecution(): this; /** * Grants permission to create a new component * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * Dependent actions: * - imagebuilder:TagResource * - kms:Encrypt * - kms:GenerateDataKey * - kms:GenerateDataKeyWithoutPlaintext * - s3:GetObject * - s3:ListBucket * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateComponent.html */ toCreateComponent(): this; /** * Grants permission to create a new Container Recipe * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * Dependent actions: * - ec2:DescribeImages * - ecr:DescribeImages * - ecr:DescribeRepositories * - imagebuilder:GetComponent * - imagebuilder:GetImage * - imagebuilder:TagResource * - kms:Encrypt * - kms:GenerateDataKey * - kms:GenerateDataKeyWithoutPlaintext * - s3:GetObject * - s3:ListBucket * - ssm:GetParameter * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateContainerRecipe.html */ toCreateContainerRecipe(): this; /** * Grants permission to create a new distribution configuration * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * Dependent actions: * - ec2:CreateLaunchTemplateVersion * - ec2:DescribeLaunchTemplates * - ec2:ModifyLaunchTemplate * - imagebuilder:TagResource * - s3:ListBucket * - ssm:GetParameter * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateDistributionConfiguration.html */ toCreateDistributionConfiguration(): this; /** * Grants permission to create a new image * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * Dependent actions: * - ecr:BatchGetRepositoryScanningConfiguration * - ecr:DescribeRepositories * - iam:CreateServiceLinkedRole * - iam:PassRole * - imagebuilder:GetContainerRecipe * - imagebuilder:GetDistributionConfiguration * - imagebuilder:GetImageRecipe * - imagebuilder:GetInfrastructureConfiguration * - imagebuilder:GetWorkflow * - imagebuilder:TagResource * - inspector2:BatchGetAccountStatus * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateImage.html */ toCreateImage(): this; /** * Grants permission to create a new image pipeline * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * Dependent actions: * - ecr:BatchGetRepositoryScanningConfiguration * - ecr:DescribeRepositories * - iam:CreateServiceLinkedRole * - iam:PassRole * - imagebuilder:GetContainerRecipe * - imagebuilder:GetDistributionConfiguration * - imagebuilder:GetImageRecipe * - imagebuilder:GetInfrastructureConfiguration * - imagebuilder:GetWorkflow * - imagebuilder:TagResource * - inspector2:BatchGetAccountStatus * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateImagePipeline.html */ toCreateImagePipeline(): this; /** * Grants permission to create a new Image Recipe * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * Dependent actions: * - ec2:DescribeImages * - imagebuilder:GetComponent * - imagebuilder:GetImage * - imagebuilder:TagResource * - ssm:GetParameter * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateImageRecipe.html */ toCreateImageRecipe(): this; /** * Grants permission to create a new infrastructure configuration * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * - .ifCreatedResourceTagKeys() * - .ifCreatedResourceTag() * - .ifEc2MetadataHttpTokens() * - .ifStatusTopicArn() * * Dependent actions: * - ec2:DescribeAvailabilityZones * - ec2:DescribeHosts * - iam:PassRole * - imagebuilder:TagResource * - resource-groups:GetGroup * - sns:Publish * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateInfrastructureConfiguration.html */ toCreateInfrastructureConfiguration(): this; /** * Grants permission to create a new lifecycle policy * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * - .ifLifecyclePolicyResourceType() * * Dependent actions: * - iam:PassRole * - imagebuilder:TagResource * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateLifecyclePolicy.html */ toCreateLifecyclePolicy(): this; /** * Grants permission to create a new workflow * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * Dependent actions: * - imagebuilder:TagResource * - kms:Encrypt * - kms:GenerateDataKey * - kms:GenerateDataKeyWithoutPlaintext * - s3:GetObject * - s3:ListBucket * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateWorkflow.html */ toCreateWorkflow(): this; /** * Grants permission to delete a component * * Access Level: Write * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_DeleteComponent.html */ toDeleteComponent(): this; /** * Grants permission to delete a container recipe * * Access Level: Write * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_DeleteContainerRecipe.html */ toDeleteContainerRecipe(): this; /** * Grants permission to delete a distribution configuration * * Access Level: Write * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_DeleteDistributionConfiguration.html */ toDeleteDistributionConfiguration(): this; /** * Grants permission to delete an image * * Access Level: Write * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_DeleteImage.html */ toDeleteImage(): this; /** * Grants permission to delete an image pipeline * * Access Level: Write * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_DeleteImagePipeline.html */ toDeleteImagePipeline(): this; /** * Grants permission to delete an image recipe * * Access Level: Write * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_DeleteImageRecipe.html */ toDeleteImageRecipe(): this; /** * Grants permission to delete an infrastructure configuration * * Access Level: Write * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_DeleteInfrastructureConfiguration.html */ toDeleteInfrastructureConfiguration(): this; /** * Grants permission to delete a lifecycle policy * * Access Level: Write * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_DeleteLifecyclePolicy.html */ toDeleteLifecyclePolicy(): this; /** * Grants permission to delete a workflow * * Access Level: Write * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_DeleteWorkflow.html */ toDeleteWorkflow(): this; /** * Grants permission to distribute an image * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * Dependent actions: * - ec2:DescribeImages * - iam:PassRole * - imagebuilder:GetDistributionConfiguration * - imagebuilder:GetImage * - imagebuilder:TagResource * - ssm:GetParameter * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_DistributeImage.html */ toDistributeImage(): this; /** * Grants permission to view details about a component * * Access Level: Read * * Dependent actions: * - kms:Decrypt * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetComponent.html */ toGetComponent(): this; /** * Grants permission to view the resource policy associated with a component * * Access Level: Read * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetComponentPolicy.html */ toGetComponentPolicy(): this; /** * Grants permission to view details about a container recipe * * Access Level: Read * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetContainerRecipe.html */ toGetContainerRecipe(): this; /** * Grants permission to view the resource policy associated with a container recipe * * Access Level: Read * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetContainerRecipePolicy.html */ toGetContainerRecipePolicy(): this; /** * Grants permission to view details about a distribution configuration * * Access Level: Read * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetDistributionConfiguration.html */ toGetDistributionConfiguration(): this; /** * Grants permission to view details about an image * * Access Level: Read * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetImage.html */ toGetImage(): this; /** * Grants permission to view details about an image pipeline * * Access Level: Read * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetImagePipeline.html */ toGetImagePipeline(): this; /** * Grants permission to view the resource policy associated with an image * * Access Level: Read * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetImagePolicy.html */ toGetImagePolicy(): this; /** * Grants permission to view details about an image recipe * * Access Level: Read * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetImageRecipe.html */ toGetImageRecipe(): this; /** * Grants permission to view the resource policy associated with an image recipe * * Access Level: Read * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetImageRecipePolicy.html */ toGetImageRecipePolicy(): this; /** * Grants permission to view details about an infrastructure configuration * * Access Level: Read * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetInfrastructureConfiguration.html */ toGetInfrastructureConfiguration(): this; /** * Grants permission to view details about a lifecycle execution * * Access Level: Read * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetLifecycleExecution.html */ toGetLifecycleExecution(): this; /** * Grants permission to view details about a lifecycle policy * * Access Level: Read * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetLifecyclePolicy.html */ toGetLifecyclePolicy(): this; /** * Grants permission to retrieve Marketplace provided resource * * Access Level: Read * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetMarketplaceResource.html */ toGetMarketplaceResource(): this; /** * Grants permission to view details about a workflow * * Access Level: Read * * Dependent actions: * - kms:Decrypt * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetWorkflow.html */ toGetWorkflow(): this; /** * Grants permission to view details about a workflow execution * * Access Level: Read * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetWorkflowExecution.html */ toGetWorkflowExecution(): this; /** * Grants permission to view details about a workflow step execution * * Access Level: Read * * Dependent actions: * - kms:Decrypt * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetWorkflowStepExecution.html */ toGetWorkflowStepExecution(): this; /** * Grants permission to import a new component * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * Dependent actions: * - imagebuilder:TagResource * - kms:Encrypt * - kms:GenerateDataKey * - kms:GenerateDataKeyWithoutPlaintext * - s3:GetObject * - s3:ListBucket * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ImportComponent.html */ toImportComponent(): this; /** * Grants permission to import a disk image * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * Dependent actions: * - iam:CreateServiceLinkedRole * - iam:PassRole * - imagebuilder:GetInfrastructureConfiguration * - imagebuilder:GetWorkflow * - imagebuilder:TagResource * - s3:GetObject * - s3:ListBucket * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ImportDiskImage.html */ toImportDiskImage(): this; /** * Grants permission to import an image * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * Dependent actions: * - ec2:DescribeImages * - ec2:DescribeImportImageTasks * - iam:CreateServiceLinkedRole * - imagebuilder:TagResource * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ImportVmImage.html */ toImportVmImage(): this; /** * Grants permission to list the component build versions in your account * * Access Level: List * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListComponentBuildVersions.html */ toListComponentBuildVersions(): this; /** * Grants permission to list the component versions owned by or shared with your account * * Access Level: List * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListComponents.html */ toListComponents(): this; /** * Grants permission to list the container recipes owned by or shared with your account * * Access Level: List * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListContainerRecipes.html */ toListContainerRecipes(): this; /** * Grants permission to list the distribution configurations in your account * * Access Level: List * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListDistributionConfigurations.html */ toListDistributionConfigurations(): this; /** * Grants permission to list the image build versions in your account * * Access Level: List * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListImageBuildVersions.html */ toListImageBuildVersions(): this; /** * Grants permission to return a list of packages installed on the specified image * * Access Level: List * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListImagePackages.html */ toListImagePackages(): this; /** * Grants permission to return a list of images created by the specified pipeline * * Access Level: List * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListImagePipelineImages.html */ toListImagePipelineImages(): this; /** * Grants permission to list the image pipelines in your account * * Access Level: List * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListImagePipelines.html */ toListImagePipelines(): this; /** * Grants permission to list the image recipes owned by or shared with your account * * Access Level: List * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListImageRecipes.html */ toListImageRecipes(): this; /** * Grants permission to list aggregations on the image scan findings in your account * * Access Level: List * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListImageScanFindingAggregations.html */ toListImageScanFindingAggregations(): this; /** * Grants permission to list the image scan findings for the images in your account * * Access Level: List * * Dependent actions: * - inspector2:ListFindings * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListImageScanFindings.html */ toListImageScanFindings(): this; /** * Grants permission to list the image versions owned by or shared with your account * * Access Level: List * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListImages.html */ toListImages(): this; /** * Grants permission to list the infrastructure configurations in your account * * Access Level: List * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListInfrastructureConfigurations.html */ toListInfrastructureConfigurations(): this; /** * Grants permission to list resources for the specified lifecycle execution * * Access Level: List * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListLifecycleExecutionResources.html */ toListLifecycleExecutionResources(): this; /** * Grants permission to list lifecycle executions for the specified resource * * Access Level: List * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListLifecycleExecutions.html */ toListLifecycleExecutions(): this; /** * Grants permission to list the lifecycle policies in your account * * Access Level: List * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListLifecyclePolicies.html */ toListLifecyclePolicies(): this; /** * Grants permission to list tags for an Image Builder resource * * Access Level: Read * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListTagsForResource.html */ toListTagsForResource(): this; /** * Grants permission to list waiting workflow steps for the caller account * * Access Level: List * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListWaitingWorkflowSteps.html */ toListWaitingWorkflowSteps(): this; /** * Grants permission to list the workflow build versions in your account * * Access Level: List * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListWorkflowBuildVersions.html */ toListWorkflowBuildVersions(): this; /** * Grants permission to list workflow executions for the specified image * * Access Level: List * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListWorkflowExecutions.html */ toListWorkflowExecutions(): this; /** * Grants permission to list workflow step executions for the specified workflow * * Access Level: List * * Dependent actions: * - kms:Decrypt * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListWorkflowStepExecutions.html */ toListWorkflowStepExecutions(): this; /** * Grants permission to list the workflow versions owned by or shared with your account * * Access Level: List * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListWorkflows.html */ toListWorkflows(): this; /** * Grants permission to set the resource policy associated with a component * * Access Level: Permissions management * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_PutComponentPolicy.html */ toPutComponentPolicy(): this; /** * Grants permission to set the resource policy associated with a container recipe * * Access Level: Permissions management * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_PutContainerRecipePolicy.html */ toPutContainerRecipePolicy(): this; /** * Grants permission to set the resource policy associated with an image * * Access Level: Permissions management * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_PutImagePolicy.html */ toPutImagePolicy(): this; /** * Grants permission to set the resource policy associated with an image recipe * * Access Level: Permissions management * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_PutImageRecipePolicy.html */ toPutImageRecipePolicy(): this; /** * Grants permission to retry an image creation * * Access Level: Write * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_RetryImage.html */ toRetryImage(): this; /** * Grants permission to send an action to a workflow step * * Access Level: Write * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_SendWorkflowStepAction.html */ toSendWorkflowStepAction(): this; /** * Grants permission to create a new image from a pipeline * * Access Level: Write * * Possible conditions: * - .ifAwsRequestTag() * - .ifAwsTagKeys() * * Dependent actions: * - iam:CreateServiceLinkedRole * - imagebuilder:GetImagePipeline * - imagebuilder:TagResource * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_StartImagePipelineExecution.html */ toStartImagePipelineExecution(): this; /** * Grants permission to start a state update for the specified resource * * Access Level: Write * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_StartResourceStateUpdate.html */ toStartResourceStateUpdate(): this; /** * Grants permission to tag an Image Builder resource * * Access Level: Tagging * * Possible conditions: * - .ifAwsTagKeys() * - .ifAwsRequestTag() * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_TagResource.html */ toTagResource(): this; /** * Grants permission to untag an Image Builder resource * * Access Level: Tagging * * Possible conditions: * - .ifAwsTagKeys() * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_UntagResource.html */ toUntagResource(): this; /** * Grants permission to update an existing distribution configuration * * Access Level: Write * * Dependent actions: * - ec2:CreateLaunchTemplateVersion * - ec2:DescribeLaunchTemplates * - ec2:ModifyLaunchTemplate * - s3:ListBucket * - ssm:GetParameter * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_UpdateDistributionConfiguration.html */ toUpdateDistributionConfiguration(): this; /** * Grants permission to update an existing image pipeline * * Access Level: Write * * Dependent actions: * - ecr:BatchGetRepositoryScanningConfiguration * - ecr:DescribeRepositories * - iam:CreateServiceLinkedRole * - iam:PassRole * - imagebuilder:GetContainerRecipe * - imagebuilder:GetDistributionConfiguration * - imagebuilder:GetImageRecipe * - imagebuilder:GetInfrastructureConfiguration * - imagebuilder:GetWorkflow * - inspector2:BatchGetAccountStatus * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_UpdateImagePipeline.html */ toUpdateImagePipeline(): this; /** * Grants permission to update an existing infrastructure configuration * * Access Level: Write * * Possible conditions: * - .ifCreatedResourceTagKeys() * - .ifCreatedResourceTag() * - .ifEc2MetadataHttpTokens() * - .ifStatusTopicArn() * * Dependent actions: * - ec2:DescribeAvailabilityZones * - ec2:DescribeHosts * - iam:PassRole * - resource-groups:GetGroup * - sns:Publish * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_UpdateInfrastructureConfiguration.html */ toUpdateInfrastructureConfiguration(): this; /** * Grants permission to update an existing lifecycle policy * * Access Level: Write * * Possible conditions: * - .ifLifecyclePolicyResourceType() * * Dependent actions: * - iam:PassRole * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_UpdateLifecyclePolicy.html */ toUpdateLifecyclePolicy(): this; protected accessLevelList: AccessLevelList; /** * Adds a resource of type component to the statement * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_Component.html * * @param componentName - Identifier for the componentName. * @param componentVersion - Identifier for the componentVersion. * @param componentBuildVersion - Identifier for the componentBuildVersion. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onComponent(componentName: string, componentVersion: string, componentBuildVersion: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type distributionConfiguration to the statement * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_DistributionConfiguration.html * * @param distributionConfigurationName - Identifier for the distributionConfigurationName. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onDistributionConfiguration(distributionConfigurationName: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type image to the statement * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_Image.html * * @param imageName - Identifier for the imageName. * @param imageVersion - Identifier for the imageVersion. * @param imageBuildVersion - Identifier for the imageBuildVersion. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onImage(imageName: string, imageVersion: string, imageBuildVersion: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type imageVersion to the statement * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ImageVersion.html * * @param imageName - Identifier for the imageName. * @param imageVersion - Identifier for the imageVersion. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onImageVersion(imageName: string, imageVersion: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type imageRecipe to the statement * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ImageRecipe.html * * @param imageRecipeName - Identifier for the imageRecipeName. * @param imageRecipeVersion - Identifier for the imageRecipeVersion. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onImageRecipe(imageRecipeName: string, imageRecipeVersion: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type containerRecipe to the statement * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ContainerRecipe.html * * @param containerRecipeName - Identifier for the containerRecipeName. * @param containerRecipeVersion - Identifier for the containerRecipeVersion. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onContainerRecipe(containerRecipeName: string, containerRecipeVersion: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type imagePipeline to the statement * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ImagePipeline.html * * @param imagePipelineName - Identifier for the imagePipelineName. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onImagePipeline(imagePipelineName: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type infrastructureConfiguration to the statement * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_InfrastructureConfiguration.html * * @param resourceId - Identifier for the resourceId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onInfrastructureConfiguration(resourceId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type lifecycleExecution to the statement * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_LifecycleExecution.html * * @param lifecycleExecutionId - Identifier for the lifecycleExecutionId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. */ onLifecycleExecution(lifecycleExecutionId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type lifecyclePolicy to the statement * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_LifecyclePolicy.html * * @param lifecyclePolicyName - Identifier for the lifecyclePolicyName. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onLifecyclePolicy(lifecyclePolicyName: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type workflow to the statement * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_Workflow.html * * @param workflowType - Identifier for the workflowType. * @param workflowName - Identifier for the workflowName. * @param workflowVersion - Identifier for the workflowVersion. * @param workflowBuildVersion - Identifier for the workflowBuildVersion. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. * * Possible conditions: * - .ifAwsResourceTag() */ onWorkflow(workflowType: string, workflowName: string, workflowVersion: string, workflowBuildVersion: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type workflowExecution to the statement * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_WorkflowExecutionMetadata.html * * @param workflowExecutionId - Identifier for the workflowExecutionId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. */ onWorkflowExecution(workflowExecutionId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type workflowStepExecution to the statement * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_WorkflowStepMetadata.html * * @param workflowStepExecutionId - Identifier for the workflowStepExecutionId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. */ onWorkflowStepExecution(workflowStepExecutionId: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type allComponentBuildVersions to the statement * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_Component.html * * @param componentName - Identifier for the componentName. * @param componentVersion - Identifier for the componentVersion. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. */ onAllComponentBuildVersions(componentName: string, componentVersion: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type allImageBuildVersions to the statement * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_Image.html * * @param imageName - Identifier for the imageName. * @param imageVersion - Identifier for the imageVersion. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. */ onAllImageBuildVersions(imageName: string, imageVersion: string, account?: string, region?: string, partition?: string): this; /** * Adds a resource of type allWorkflowBuildVersions to the statement * * https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_Workflow.html * * @param workflowType - Identifier for the workflowType. * @param workflowName - Identifier for the workflowName. * @param workflowVersion - Identifier for the workflowVersion. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. */ onAllWorkflowBuildVersions(workflowType: string, workflowName: string, workflowVersion: string, account?: string, region?: string, partition?: string): this; /** * Filters access by the presence of tag key-value pairs in the request * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag * * Applies to actions: * - .toCreateComponent() * - .toCreateContainerRecipe() * - .toCreateDistributionConfiguration() * - .toCreateImage() * - .toCreateImagePipeline() * - .toCreateImageRecipe() * - .toCreateInfrastructureConfiguration() * - .toCreateLifecyclePolicy() * - .toCreateWorkflow() * - .toDistributeImage() * - .toImportComponent() * - .toImportDiskImage() * - .toImportVmImage() * - .toStartImagePipelineExecution() * - .toTagResource() * * @param tagKey The tag key to check * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsRequestTag(tagKey: string, value: string | string[], operator?: Operator | string): this; /** * Filters access by tag key-value pairs attached to the resource * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag * * Applies to resource types: * - component * - distributionConfiguration * - image * - imageVersion * - imageRecipe * - containerRecipe * - imagePipeline * - infrastructureConfiguration * - lifecyclePolicy * - workflow * * @param tagKey The tag key to check * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsResourceTag(tagKey: string, value: string | string[], operator?: Operator | string): this; /** * Filters access by the presence of tag keys in the request * * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys * * Applies to actions: * - .toCreateComponent() * - .toCreateContainerRecipe() * - .toCreateDistributionConfiguration() * - .toCreateImage() * - .toCreateImagePipeline() * - .toCreateImageRecipe() * - .toCreateInfrastructureConfiguration() * - .toCreateLifecyclePolicy() * - .toCreateWorkflow() * - .toDistributeImage() * - .toImportComponent() * - .toImportDiskImage() * - .toImportVmImage() * - .toStartImagePipelineExecution() * - .toTagResource() * - .toUntagResource() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifAwsTagKeys(value: string | string[], operator?: Operator | string): this; /** * Filters access by the tag key-value pairs attached to the resource created by Image Builder * * https://docs.aws.amazon.com/imagebuilder/latest/userguide/security_iam_service-with-iam.html#image-builder-security-createdresourcetag * * Applies to actions: * - .toCreateInfrastructureConfiguration() * - .toUpdateInfrastructureConfiguration() * * @param tagKey The tag key to check * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifCreatedResourceTag(tagKey: string, value: string | string[], operator?: Operator | string): this; /** * Filters access by the presence of tag keys in the request * * https://docs.aws.amazon.com/imagebuilder/latest/userguide/security_iam_service-with-iam.html#image-builder-security-createdresourcetagkeys * * Applies to actions: * - .toCreateInfrastructureConfiguration() * - .toUpdateInfrastructureConfiguration() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifCreatedResourceTagKeys(value: string | string[], operator?: Operator | string): this; /** * Filters access by the EC2 Instance Metadata HTTP Token Requirement specified in the request * * https://docs.aws.amazon.com/imagebuilder/latest/userguide/security_iam_service-with-iam.html#image-builder-security-ec2metadatatokens * * Applies to actions: * - .toCreateInfrastructureConfiguration() * - .toUpdateInfrastructureConfiguration() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifEc2MetadataHttpTokens(value: string | string[], operator?: Operator | string): this; /** * Filters access by the Lifecycle Policy Resource Type specified in the request * * https://docs.aws.amazon.com/imagebuilder/latest/userguide/security_iam_service-with-iam.html#image-builder-security-lifecyclepolicyresourcetype * * Applies to actions: * - .toCreateLifecyclePolicy() * - .toUpdateLifecyclePolicy() * * @param value The value(s) to check * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike` */ ifLifecyclePolicyResourceType(value: string | string[], operator?: Operator | string): this; /** * Filters access by the SNS Topic Arn in the request to which terminal state notifications will be published * * https://docs.aws.amazon.com/imagebuilder/latest/userguide/security_iam_service-with-iam.html#image-builder-security-statustopicarn * * Applies to actions: * - .toCreateInfrastructureConfiguration() * - .toUpdateInfrastructureConfiguration() * * @param value The value(s) to check * @param operator Works with [arn operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_ARN). **Default:** `ArnLike` */ ifStatusTopicArn(value: string | string[], operator?: Operator | string): this; }