iam-floyd
Version:
AWS IAM policy statement generator with fluent interface
1,549 lines • 328 kB
JavaScript
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.Rds = void 0;
const shared_1 = require("../../shared");
/**
* Statement provider for service [rds](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonrds.html).
*
* @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement
*/
class Rds extends shared_1.PolicyStatement {
/**
* Statement provider for service [rds](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonrds.html).
*
* @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement
*/
constructor(sid) {
super(sid);
this.servicePrefix = 'rds';
this.accessLevelList = {
Write: [
'AddRoleToDBCluster',
'AddRoleToDBInstance',
'AddSourceIdentifierToSubscription',
'ApplyPendingMaintenanceAction',
'BacktrackDBCluster',
'CancelExportTask',
'CopyCustomDBEngineVersion',
'CopyDBClusterParameterGroup',
'CopyDBClusterSnapshot',
'CopyDBParameterGroup',
'CopyDBSnapshot',
'CopyOptionGroup',
'CreateBlueGreenDeployment',
'CreateCustomDBEngineVersion',
'CreateDBCluster',
'CreateDBClusterEndpoint',
'CreateDBClusterParameterGroup',
'CreateDBClusterSnapshot',
'CreateDBInstance',
'CreateDBInstanceReadReplica',
'CreateDBParameterGroup',
'CreateDBProxy',
'CreateDBProxyEndpoint',
'CreateDBSecurityGroup',
'CreateDBShardGroup',
'CreateDBSnapshot',
'CreateDBSubnetGroup',
'CreateEventSubscription',
'CreateGlobalCluster',
'CreateIntegration',
'CreateOptionGroup',
'CreateTenantDatabase',
'CrossRegionCommunication',
'DeleteBlueGreenDeployment',
'DeleteCustomDBEngineVersion',
'DeleteDBCluster',
'DeleteDBClusterAutomatedBackup',
'DeleteDBClusterEndpoint',
'DeleteDBClusterParameterGroup',
'DeleteDBClusterSnapshot',
'DeleteDBInstance',
'DeleteDBInstanceAutomatedBackup',
'DeleteDBParameterGroup',
'DeleteDBProxy',
'DeleteDBProxyEndpoint',
'DeleteDBSecurityGroup',
'DeleteDBShardGroup',
'DeleteDBSnapshot',
'DeleteDBSubnetGroup',
'DeleteEventSubscription',
'DeleteGlobalCluster',
'DeleteIntegration',
'DeleteOptionGroup',
'DeleteTenantDatabase',
'DeregisterDBProxyTargets',
'DisableHttpEndpoint',
'EnableHttpEndpoint',
'FailoverDBCluster',
'FailoverGlobalCluster',
'ModifyActivityStream',
'ModifyCertificates',
'ModifyCurrentDBClusterCapacity',
'ModifyCustomDBEngineVersion',
'ModifyDBCluster',
'ModifyDBClusterEndpoint',
'ModifyDBClusterParameterGroup',
'ModifyDBClusterSnapshotAttribute',
'ModifyDBInstance',
'ModifyDBParameterGroup',
'ModifyDBProxy',
'ModifyDBProxyEndpoint',
'ModifyDBProxyTargetGroup',
'ModifyDBRecommendation',
'ModifyDBShardGroup',
'ModifyDBSnapshot',
'ModifyDBSnapshotAttribute',
'ModifyDBSubnetGroup',
'ModifyEventSubscription',
'ModifyGlobalCluster',
'ModifyIntegration',
'ModifyOptionGroup',
'ModifyRecommendation',
'ModifyTenantDatabase',
'PromoteReadReplica',
'PromoteReadReplicaDBCluster',
'PurchaseReservedDBInstancesOffering',
'RebootDBCluster',
'RebootDBInstance',
'RebootDBShardGroup',
'RegisterDBProxyTargets',
'RemoveFromGlobalCluster',
'RemoveRoleFromDBCluster',
'RemoveRoleFromDBInstance',
'RemoveSourceIdentifierFromSubscription',
'ResetDBClusterParameterGroup',
'ResetDBParameterGroup',
'RestoreDBClusterFromS3',
'RestoreDBClusterFromSnapshot',
'RestoreDBClusterToPointInTime',
'RestoreDBInstanceFromDBSnapshot',
'RestoreDBInstanceFromS3',
'RestoreDBInstanceToPointInTime',
'RevokeDBSecurityGroupIngress',
'StartActivityStream',
'StartDBCluster',
'StartDBInstance',
'StartDBInstanceAutomatedBackupsReplication',
'StartExportTask',
'StopActivityStream',
'StopDBCluster',
'StopDBInstance',
'StopDBInstanceAutomatedBackupsReplication',
'SwitchoverBlueGreenDeployment',
'SwitchoverGlobalCluster',
'SwitchoverReadReplica'
],
Tagging: [
'AddTagsToResource',
'RemoveTagsFromResource'
],
'Permissions management': [
'AuthorizeDBSecurityGroupIngress'
],
List: [
'DescribeAccountAttributes',
'DescribeBlueGreenDeployments',
'DescribeCertificates',
'DescribeDBClusterAutomatedBackups',
'DescribeDBClusterBacktracks',
'DescribeDBClusterEndpoints',
'DescribeDBClusterParameterGroups',
'DescribeDBClusterParameters',
'DescribeDBClusterSnapshotAttributes',
'DescribeDBClusterSnapshots',
'DescribeDBClusters',
'DescribeDBEngineVersions',
'DescribeDBInstanceAutomatedBackups',
'DescribeDBInstances',
'DescribeDBLogFiles',
'DescribeDBMajorEngineVersions',
'DescribeDBParameterGroups',
'DescribeDBParameters',
'DescribeDBProxies',
'DescribeDBProxyEndpoints',
'DescribeDBProxyTargetGroups',
'DescribeDBProxyTargets',
'DescribeDBRecommendations',
'DescribeDBSecurityGroups',
'DescribeDBShardGroups',
'DescribeDBSnapshotAttributes',
'DescribeDBSnapshotTenantDatabases',
'DescribeDBSnapshots',
'DescribeDBSubnetGroups',
'DescribeEngineDefaultClusterParameters',
'DescribeEngineDefaultParameters',
'DescribeEventCategories',
'DescribeEventSubscriptions',
'DescribeEvents',
'DescribeExportTasks',
'DescribeGlobalClusters',
'DescribeIntegrations',
'DescribeOptionGroupOptions',
'DescribeOptionGroups',
'DescribeOrderableDBInstanceOptions',
'DescribePendingMaintenanceActions',
'DescribeReservedDBInstances',
'DescribeReservedDBInstancesOfferings',
'DescribeSourceRegions',
'DescribeTenantDatabases',
'DescribeValidDBInstanceModifications'
],
Read: [
'DescribeRecommendationGroups',
'DescribeRecommendations',
'DownloadCompleteDBLogFile',
'DownloadDBLogFilePortion',
'ListTagsForResource'
]
};
}
/**
* Grants permission to associate an Identity and Access Management (IAM) role from an Aurora DB cluster
*
* Access Level: Write
*
* Dependent actions:
* - iam:PassRole
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_AddRoleToDBCluster.html
*/
toAddRoleToDBCluster() {
return this.to('AddRoleToDBCluster');
}
/**
* Grants permission to associate an AWS Identity and Access Management (IAM) role with a DB instance
*
* Access Level: Write
*
* Dependent actions:
* - iam:PassRole
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_AddRoleToDBInstance.html
*/
toAddRoleToDBInstance() {
return this.to('AddRoleToDBInstance');
}
/**
* Grants permission to add a source identifier to an existing RDS event notification subscription
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_AddSourceIdentifierToSubscription.html
*/
toAddSourceIdentifierToSubscription() {
return this.to('AddSourceIdentifierToSubscription');
}
/**
* Grants permission to add metadata tags to an Amazon RDS resource
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_AddTagsToResource.html
*/
toAddTagsToResource() {
return this.to('AddTagsToResource');
}
/**
* Grants permission to apply a pending maintenance action to a resource
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ApplyPendingMaintenanceAction.html
*/
toApplyPendingMaintenanceAction() {
return this.to('ApplyPendingMaintenanceAction');
}
/**
* Grants permission to enable ingress to a DBSecurityGroup using one of two forms of authorization
*
* Access Level: Permissions management
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_AuthorizeDBSecurityGroupIngress.html
*/
toAuthorizeDBSecurityGroupIngress() {
return this.to('AuthorizeDBSecurityGroupIngress');
}
/**
* Grants permission to backtrack a DB cluster to a specific time, without creating a new DB cluster
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_BacktrackDBCluster.html
*/
toBacktrackDBCluster() {
return this.to('BacktrackDBCluster');
}
/**
* Grants permission to cancel an export task in progress
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CancelExportTask.html
*/
toCancelExportTask() {
return this.to('CancelExportTask');
}
/**
* Grants permission to copy a custom engine version
*
* Access Level: Write
*
* https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonrds.html
*/
toCopyCustomDBEngineVersion() {
return this.to('CopyCustomDBEngineVersion');
}
/**
* Grants permission to copy the specified DB cluster parameter group
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CopyDBClusterParameterGroup.html
*/
toCopyDBClusterParameterGroup() {
return this.to('CopyDBClusterParameterGroup');
}
/**
* Grants permission to create a snapshot of a DB cluster
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CopyDBClusterSnapshot.html
*/
toCopyDBClusterSnapshot() {
return this.to('CopyDBClusterSnapshot');
}
/**
* Grants permission to copy the specified DB parameter group
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CopyDBParameterGroup.html
*/
toCopyDBParameterGroup() {
return this.to('CopyDBParameterGroup');
}
/**
* Grants permission to copy the specified DB snapshot
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
* - .ifCopyOptionGroup()
*
* Dependent actions:
* - rds:AddTagsToResource
* - rds:CopyCustomDBEngineVersion
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CopyDBSnapshot.html
*/
toCopyDBSnapshot() {
return this.to('CopyDBSnapshot');
}
/**
* Grants permission to copy the specified option group
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CopyOptionGroup.html
*/
toCopyOptionGroup() {
return this.to('CopyOptionGroup');
}
/**
* Grants permission to create a blue-green deployment for a given source cluster or instance
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsResourceTag()
* - .ifAwsTagKeys()
* - .ifClusterTag()
* - .ifClusterPgTag()
* - .ifDbTag()
* - .ifPgTag()
* - .ifReqTag()
* - .ifDatabaseEngine()
* - .ifDatabaseName()
* - .ifStorageEncrypted()
* - .ifDatabaseClass()
* - .ifStorageSize()
* - .ifMultiAz()
* - .ifPiops()
* - .ifVpc()
*
* Dependent actions:
* - rds:AddTagsToResource
* - rds:CreateDBCluster
* - rds:CreateDBClusterEndpoint
* - rds:CreateDBInstance
* - rds:CreateDBInstanceReadReplica
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateBlueGreenDeployment.html
*/
toCreateBlueGreenDeployment() {
return this.to('CreateBlueGreenDeployment');
}
/**
* Grants permission to create a custom engine version
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
*
* Dependent actions:
* - iam:CreateServiceLinkedRole
* - mediaimport:CreateDatabaseBinarySnapshot
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateCustomDBEngineVersion.html
*/
toCreateCustomDBEngineVersion() {
return this.to('CreateCustomDBEngineVersion');
}
/**
* Grants permission to create a new DB cluster
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
* - .ifDatabaseEngine()
* - .ifDatabaseName()
* - .ifStorageEncrypted()
* - .ifDatabaseClass()
* - .ifStorageSize()
* - .ifPiops()
* - .ifManageMasterUserPassword()
*
* Dependent actions:
* - iam:PassRole
* - kms:CreateGrant
* - kms:Decrypt
* - kms:DescribeKey
* - kms:GenerateDataKey
* - rds:AddTagsToResource
* - rds:CreateDBInstance
* - secretsmanager:CreateSecret
* - secretsmanager:TagResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html
*/
toCreateDBCluster() {
return this.to('CreateDBCluster');
}
/**
* Grants permission to create a new custom endpoint and associates it with an Amazon Aurora DB cluster or Amazon DocumentDB cluster
*
* Access Level: Write
*
* Possible conditions:
* - .ifEndpointType()
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBClusterEndpoint.html
*/
toCreateDBClusterEndpoint() {
return this.to('CreateDBClusterEndpoint');
}
/**
* Grants permission to create a new DB cluster parameter group
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBClusterParameterGroup.html
*/
toCreateDBClusterParameterGroup() {
return this.to('CreateDBClusterParameterGroup');
}
/**
* Grants permission to create a snapshot of a DB cluster
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBClusterSnapshot.html
*/
toCreateDBClusterSnapshot() {
return this.to('CreateDBClusterSnapshot');
}
/**
* Grants permission to create a new DB instance
*
* Access Level: Write
*
* Possible conditions:
* - .ifBackupTarget()
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
* - .ifManageMasterUserPassword()
* - .ifPubliclyAccessible()
*
* Dependent actions:
* - iam:PassRole
* - kms:CreateGrant
* - kms:Decrypt
* - kms:DescribeKey
* - kms:GenerateDataKey
* - rds:AddTagsToResource
* - rds:CreateTenantDatabase
* - secretsmanager:CreateSecret
* - secretsmanager:TagResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html
*/
toCreateDBInstance() {
return this.to('CreateDBInstance');
}
/**
* Grants permission to create a DB instance that acts as a Read Replica of a source DB instance
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
* - .ifPubliclyAccessible()
*
* Dependent actions:
* - iam:PassRole
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstanceReadReplica.html
*/
toCreateDBInstanceReadReplica() {
return this.to('CreateDBInstanceReadReplica');
}
/**
* Grants permission to create a new DB parameter group
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBParameterGroup.html
*/
toCreateDBParameterGroup() {
return this.to('CreateDBParameterGroup');
}
/**
* Grants permission to create a database proxy
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* Dependent actions:
* - iam:PassRole
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBProxy.html
*/
toCreateDBProxy() {
return this.to('CreateDBProxy');
}
/**
* Grants permission to create a database proxy endpoint
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBProxyEndpoint.html
*/
toCreateDBProxyEndpoint() {
return this.to('CreateDBProxyEndpoint');
}
/**
* Grants permission to create a new DB security group. DB security groups control access to a DB instance
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBSecurityGroup.html
*/
toCreateDBSecurityGroup() {
return this.to('CreateDBSecurityGroup');
}
/**
* Grants permission to create a new Aurora Limitless Database DB shard group
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
* - .ifPubliclyAccessible()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBShardGroup.html
*/
toCreateDBShardGroup() {
return this.to('CreateDBShardGroup');
}
/**
* Grants permission to create a DBSnapshot
*
* Access Level: Write
*
* Possible conditions:
* - .ifBackupTarget()
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBSnapshot.html
*/
toCreateDBSnapshot() {
return this.to('CreateDBSnapshot');
}
/**
* Grants permission to create a new DB subnet group
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBSubnetGroup.html
*/
toCreateDBSubnetGroup() {
return this.to('CreateDBSubnetGroup');
}
/**
* Grants permission to create an RDS event notification subscription
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateEventSubscription.html
*/
toCreateEventSubscription() {
return this.to('CreateEventSubscription');
}
/**
* Grants permission to create an Aurora global database or DocumentDB global database spread across multiple regions
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateGlobalCluster.html
*/
toCreateGlobalCluster() {
return this.to('CreateGlobalCluster');
}
/**
* Grants permission to create an Aurora zero-ETL integration with Redshift
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
*
* Dependent actions:
* - kms:CreateGrant
* - kms:DescribeKey
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateIntegration.html
*/
toCreateIntegration() {
return this.to('CreateIntegration');
}
/**
* Grants permission to create a new option group
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateOptionGroup.html
*/
toCreateOptionGroup() {
return this.to('CreateOptionGroup');
}
/**
* Grants permission to create a new tenant database
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
* - .ifReqTag()
* - .ifTenantDatabaseName()
* - .ifManageMasterUserPassword()
*
* Dependent actions:
* - rds:AddTagsToResource
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateTenantDatabase.html
*/
toCreateTenantDatabase() {
return this.to('CreateTenantDatabase');
}
/**
* Grants permission to access a resource in the remote Region when executing cross-Region operations, such as cross-Region snapshot copy or cross-Region read replica creation
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/security_iam_service-with-iam.html#UsingWithRDS.IAM.Conditions
*/
toCrossRegionCommunication() {
return this.to('CrossRegionCommunication');
}
/**
* Grants permission to delete blue green deployments
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsResourceTag()
*
* Dependent actions:
* - rds:DeleteDBCluster
* - rds:DeleteDBClusterEndpoint
* - rds:DeleteDBInstance
* - rds:PromoteReadReplica
* - rds:PromoteReadReplicaDBCluster
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteBlueGreenDeployment.html
*/
toDeleteBlueGreenDeployment() {
return this.to('DeleteBlueGreenDeployment');
}
/**
* Grants permission to delete an existing custom engine version
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteCustomDBEngineVersion.html
*/
toDeleteCustomDBEngineVersion() {
return this.to('DeleteCustomDBEngineVersion');
}
/**
* Grants permission to delete a previously provisioned DB cluster
*
* Access Level: Write
*
* Dependent actions:
* - rds:AddTagsToResource
* - rds:CreateDBClusterSnapshot
* - rds:DeleteDBInstance
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBCluster.html
*/
toDeleteDBCluster() {
return this.to('DeleteDBCluster');
}
/**
* Grants permission to delete cluster automated backups based on the source cluster's DbClusterResourceId value or the restorable cluster's resource ID
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBClusterAutomatedBackup.html
*/
toDeleteDBClusterAutomatedBackup() {
return this.to('DeleteDBClusterAutomatedBackup');
}
/**
* Grants permission to delete a custom endpoint and removes it from an Amazon Aurora DB cluster or Amazon DocumentDB cluster
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBClusterEndpoint.html
*/
toDeleteDBClusterEndpoint() {
return this.to('DeleteDBClusterEndpoint');
}
/**
* Grants permission to delete a specified DB cluster parameter group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBClusterParameterGroup.html
*/
toDeleteDBClusterParameterGroup() {
return this.to('DeleteDBClusterParameterGroup');
}
/**
* Grants permission to delete a DB cluster snapshot
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBClusterSnapshot.html
*/
toDeleteDBClusterSnapshot() {
return this.to('DeleteDBClusterSnapshot');
}
/**
* Grants permission to delete a previously provisioned DB instance
*
* Access Level: Write
*
* Dependent actions:
* - rds:AddTagsToResource
* - rds:CreateDBSnapshot
* - rds:DeleteTenantDatabase
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBInstance.html
*/
toDeleteDBInstance() {
return this.to('DeleteDBInstance');
}
/**
* Grants permission to delete automated backups based on the source instance's DbiResourceId value or the restorable instance's resource ID
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBInstanceAutomatedBackup.html
*/
toDeleteDBInstanceAutomatedBackup() {
return this.to('DeleteDBInstanceAutomatedBackup');
}
/**
* Grants permission to delete a specified DBParameterGroup
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBParameterGroup.html
*/
toDeleteDBParameterGroup() {
return this.to('DeleteDBParameterGroup');
}
/**
* Grants permission to delete a database proxy
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBProxy.html
*/
toDeleteDBProxy() {
return this.to('DeleteDBProxy');
}
/**
* Grants permission to delete a database proxy endpoint
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBProxyEndpoint.html
*/
toDeleteDBProxyEndpoint() {
return this.to('DeleteDBProxyEndpoint');
}
/**
* Grants permission to delete a DB security group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBSecurityGroup.html
*/
toDeleteDBSecurityGroup() {
return this.to('DeleteDBSecurityGroup');
}
/**
* Grants permission to delete an Aurora Limitless Database DB shard group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBShardGroup.html
*/
toDeleteDBShardGroup() {
return this.to('DeleteDBShardGroup');
}
/**
* Grants permission to delete a DBSnapshot
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBSnapshot.html
*/
toDeleteDBSnapshot() {
return this.to('DeleteDBSnapshot');
}
/**
* Grants permission to delete a DB subnet group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBSubnetGroup.html
*/
toDeleteDBSubnetGroup() {
return this.to('DeleteDBSubnetGroup');
}
/**
* Grants permission to delete an RDS event notification subscription
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteEventSubscription.html
*/
toDeleteEventSubscription() {
return this.to('DeleteEventSubscription');
}
/**
* Grants permission to delete a global database cluster
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteGlobalCluster.html
*/
toDeleteGlobalCluster() {
return this.to('DeleteGlobalCluster');
}
/**
* Grants permission to delete an Aurora zero-ETL integration with Redshift
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteIntegration.html
*/
toDeleteIntegration() {
return this.to('DeleteIntegration');
}
/**
* Grants permission to delete an existing option group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteOptionGroup.html
*/
toDeleteOptionGroup() {
return this.to('DeleteOptionGroup');
}
/**
* Grants permission to delete a tenant database
*
* Access Level: Write
*
* Dependent actions:
* - rds:AddTagsToResource
* - rds:CreateDBSnapshot
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteTenantDatabase.html
*/
toDeleteTenantDatabase() {
return this.to('DeleteTenantDatabase');
}
/**
* Grants permission to remove targets from a database proxy target group
*
* Access Level: Write
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeregisterDBProxyTargets.html
*/
toDeregisterDBProxyTargets() {
return this.to('DeregisterDBProxyTargets');
}
/**
* Grants permission to list all of the attributes for a customer account
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeAccountAttributes.html
*/
toDescribeAccountAttributes() {
return this.to('DescribeAccountAttributes');
}
/**
* Grants permission to describe blue green deployments
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeBlueGreenDeployments.html
*/
toDescribeBlueGreenDeployments() {
return this.to('DescribeBlueGreenDeployments');
}
/**
* Grants permission to list the set of CA certificates provided by Amazon RDS for this AWS account
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeCertificates.html
*/
toDescribeCertificates() {
return this.to('DescribeCertificates');
}
/**
* Grants permission to return a list of cluster automated backups for both current and deleted clusters
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusterAutomatedBackups.html
*/
toDescribeDBClusterAutomatedBackups() {
return this.to('DescribeDBClusterAutomatedBackups');
}
/**
* Grants permission to return information about backtracks for a DB cluster
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusterBacktracks.html
*/
toDescribeDBClusterBacktracks() {
return this.to('DescribeDBClusterBacktracks');
}
/**
* Grants permission to return information about endpoints for an Amazon Aurora DB cluster
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusterEndpoints.html
*/
toDescribeDBClusterEndpoints() {
return this.to('DescribeDBClusterEndpoints');
}
/**
* Grants permission to return a list of DBClusterParameterGroup descriptions
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusterParameterGroups.html
*/
toDescribeDBClusterParameterGroups() {
return this.to('DescribeDBClusterParameterGroups');
}
/**
* Grants permission to return the detailed parameter list for a particular DB cluster parameter group
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusterParameters.html
*/
toDescribeDBClusterParameters() {
return this.to('DescribeDBClusterParameters');
}
/**
* Grants permission to return a list of DB cluster snapshot attribute names and values for a manual DB cluster snapshot
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusterSnapshotAttributes.html
*/
toDescribeDBClusterSnapshotAttributes() {
return this.to('DescribeDBClusterSnapshotAttributes');
}
/**
* Grants permission to return information about DB cluster snapshots
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusterSnapshots.html
*/
toDescribeDBClusterSnapshots() {
return this.to('DescribeDBClusterSnapshots');
}
/**
* Grants permission to return information about provisioned Aurora DB clusters or DocumentDB clusters
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusters.html
*/
toDescribeDBClusters() {
return this.to('DescribeDBClusters');
}
/**
* Grants permission to return a list of the available DB engines
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBEngineVersions.html
*/
toDescribeDBEngineVersions() {
return this.to('DescribeDBEngineVersions');
}
/**
* Grants permission to return a list of automated backups for both current and deleted instances
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstanceAutomatedBackups.html
*/
toDescribeDBInstanceAutomatedBackups() {
return this.to('DescribeDBInstanceAutomatedBackups');
}
/**
* Grants permission to return information about provisioned RDS instances
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html
*/
toDescribeDBInstances() {
return this.to('DescribeDBInstances');
}
/**
* Grants permission to return a list of DB log files for the DB instance
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBLogFiles.html
*/
toDescribeDBLogFiles() {
return this.to('DescribeDBLogFiles');
}
/**
* Grants permission to return information specific for each DB major engine versions
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBMajorEngineVersions.html
*/
toDescribeDBMajorEngineVersions() {
return this.to('DescribeDBMajorEngineVersions');
}
/**
* Grants permission to return a list of DBParameterGroup descriptions
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBParameterGroups.html
*/
toDescribeDBParameterGroups() {
return this.to('DescribeDBParameterGroups');
}
/**
* Grants permission to return the detailed parameter list for a particular DB parameter group
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBParameters.html
*/
toDescribeDBParameters() {
return this.to('DescribeDBParameters');
}
/**
* Grants permission to view proxies
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBProxies.html
*/
toDescribeDBProxies() {
return this.to('DescribeDBProxies');
}
/**
* Grants permission to view proxy endpoints
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBProxyEndpoints.html
*/
toDescribeDBProxyEndpoints() {
return this.to('DescribeDBProxyEndpoints');
}
/**
* Grants permission to view database proxy target group details
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBProxyTargetGroups.html
*/
toDescribeDBProxyTargetGroups() {
return this.to('DescribeDBProxyTargetGroups');
}
/**
* Grants permission to view database proxy target details
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBProxyTargets.html
*/
toDescribeDBProxyTargets() {
return this.to('DescribeDBProxyTargets');
}
/**
* Grants permission to list recommendation details
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBRecommendations.html
*/
toDescribeDBRecommendations() {
return this.to('DescribeDBRecommendations');
}
/**
* Grants permission to return a list of DBSecurityGroup descriptions
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBSecurityGroups.html
*/
toDescribeDBSecurityGroups() {
return this.to('DescribeDBSecurityGroups');
}
/**
* Grants permission to return information about all Aurora Limitless Database DB shard groups for this account. You can filter by shard group(s)
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBShardGroups.html
*/
toDescribeDBShardGroups() {
return this.to('DescribeDBShardGroups');
}
/**
* Grants permission to return a list of DB snapshot attribute names and values for a manual DB snapshot
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBSnapshotAttributes.html
*/
toDescribeDBSnapshotAttributes() {
return this.to('DescribeDBSnapshotAttributes');
}
/**
* Grants permission to return information about tenant databases in DB snapshots. You can filter by Region or snapshot
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBSnapshotTenantDatabases.html
*/
toDescribeDBSnapshotTenantDatabases() {
return this.to('DescribeDBSnapshotTenantDatabases');
}
/**
* Grants permission to return information about DB snapshots
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBSnapshots.html
*/
toDescribeDBSnapshots() {
return this.to('DescribeDBSnapshots');
}
/**
* Grants permission to return a list of DBSubnetGroup descriptions
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBSubnetGroups.html
*/
toDescribeDBSubnetGroups() {
return this.to('DescribeDBSubnetGroups');
}
/**
* Grants permission to return the default engine and system parameter information for the cluster database engine
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeEngineDefaultClusterParameters.html
*/
toDescribeEngineDefaultClusterParameters() {
return this.to('DescribeEngineDefaultClusterParameters');
}
/**
* Grants permission to return the default engine and system parameter information for the specified database engine
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeEngineDefaultParameters.html
*/
toDescribeEngineDefaultParameters() {
return this.to('DescribeEngineDefaultParameters');
}
/**
* Grants permission to display a list of categories for all event source types, or, if specified, for a specified source type
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeEventCategories.html
*/
toDescribeEventCategories() {
return this.to('DescribeEventCategories');
}
/**
* Grants permission to list all the subscription descriptions for a customer account
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeEventSubscriptions.html
*/
toDescribeEventSubscriptions() {
return this.to('DescribeEventSubscriptions');
}
/**
* Grants permission to return events related to DB instances, DB security groups, DB snapshots, and DB parameter groups for the past 14 days
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeEvents.html
*/
toDescribeEvents() {
return this.to('DescribeEvents');
}
/**
* Grants permission to return information about the export tasks
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeExportTasks.html
*/
toDescribeExportTasks() {
return this.to('DescribeExportTasks');
}
/**
* Grants permission to return information about Aurora global database clusters or DocumentDB global database clusters
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeGlobalClusters.html
*/
toDescribeGlobalClusters() {
return this.to('DescribeGlobalClusters');
}
/**
* Grants permission to describe an Aurora zero-ETL integration with Redshift
*
* Access Level: List
*
* Possible conditions:
* - .ifAwsResourceTag()
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeIntegrations.html
*/
toDescribeIntegrations() {
return this.to('DescribeIntegrations');
}
/**
* Grants permission to describe all available options
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeOptionGroupOptions.html
*/
toDescribeOptionGroupOptions() {
return this.to('DescribeOptionGroupOptions');
}
/**
* Grants permission to describe the available option groups
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeOptionGroups.html
*/
toDescribeOptionGroups() {
return this.to('DescribeOptionGroups');
}
/**
* Grants permission to return a list of orderable DB instance options for the specified engine
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeOrderableDBInstanceOptions.html
*/
toDescribeOrderableDBInstanceOptions() {
return this.to('DescribeOrderableDBInstanceOptions');
}
/**
* Grants permission to return a list of resources (for example, DB instances) that have at least one pending maintenance action
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribePendingMaintenanceActions.html
*/
toDescribePendingMaintenanceActions() {
return this.to('DescribePendingMaintenanceActions');
}
/**
* Grants permission to return information about recommendation groups
*
* Access Level: Read
*
* https://docs.aws.amazon.com/AmazonRDS/latest/USER_Recommendations.html
*/
toDescribeRecommendationGroups() {
return this.to('DescribeRecommendationGroups');
}
/**
* Grants permission to return information about recommendations
*
* Access Level: Read
*
* https://docs.aws.amazon.com/AmazonRDS/latest/USER_Recommendations.html
*/
toDescribeRecommendations() {
return this.to('DescribeRecommendations');
}
/**
* Grants permission to return information about reserved DB instances for this account, or about a specified reserved DB instance
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeReservedDBInstances.html
*/
toDescribeReservedDBInstances() {
return this.to('DescribeReservedDBInstances');
}
/**
* Grants permission to list available reserved DB instance offerings
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeReservedDBInstancesOfferings.html
*/
toDescribeReservedDBInstancesOfferings() {
return this.to('DescribeReservedDBInstancesOfferings');
}
/**
* Grants permission to return a list of the source AWS Regions where the current AWS Region can create a Read Replica or copy a DB snapshot from
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeSourceRegions.html
*/
toDescribeSourceRegions() {
return this.to('DescribeSourceRegions');
}
/**
* Grants permission to return information about provisioned tenant databases. You can filter by Region or snapshot
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeTenantDatabases.html
*/
toDescribeTenantDatabases() {
return this.to('DescribeTenantDatabases');
}
/**
* Grants permission to list available modifications you can make to your DB instance
*
* Access Level: List
*
* https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeValidDBInstanceModifications.html
*/
toDescribeValidDBInstanceModifications() {
return this.to('DescribeValidDBInstanceModifications');
}
/**
* Grants permission to disable http endpoint for a DB cluster
*
* Access Level: Write
*
* https://docs.aws.amazon.com/Ama