iam-floyd
Version:
AWS IAM policy statement generator with fluent interface
966 lines • 90.7 kB
JavaScript
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.S3express = void 0;
const shared_1 = require("../../shared");
/**
* Statement provider for service [s3express](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazons3express.html).
*
* @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement
*/
class S3express extends shared_1.PolicyStatement {
/**
* Statement provider for service [s3express](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazons3express.html).
*
* @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement
*/
constructor(sid) {
super(sid);
this.servicePrefix = 's3express';
this.accessLevelList = {
Write: [
'CreateAccessPoint',
'CreateBucket',
'CreateSession',
'DeleteAccessPoint',
'DeleteBucket',
'PutEncryptionConfiguration',
'PutLifecycleConfiguration'
],
'Permissions management': [
'DeleteAccessPointPolicy',
'DeleteAccessPointScope',
'DeleteBucketPolicy',
'PutAccessPointPolicy',
'PutAccessPointScope',
'PutBucketPolicy'
],
Read: [
'GetAccessPoint',
'GetAccessPointPolicy',
'GetAccessPointScope',
'GetBucketPolicy',
'GetEncryptionConfiguration',
'GetLifecycleConfiguration'
],
List: [
'ListAccessPointsForDirectoryBuckets',
'ListAllMyDirectoryBuckets',
'ListTagsForResource'
],
Tagging: [
'TagResource',
'UntagResource'
]
};
}
/**
* Grants permission to create a new access point
*
* Access Level: Write
*
* Possible conditions:
* - .ifDataAccessPointAccount()
* - .ifDataAccessPointArn()
* - .ifAccessPointNetworkOrigin()
* - .ifAuthType()
* - .ifLocationName()
* - .ifResourceAccount()
* - .ifSignatureversion()
* - .ifTlsVersion()
* - .ifXAmzContentSha256()
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateAccessPoint.html
*/
toCreateAccessPoint() {
return this.to('CreateAccessPoint');
}
/**
* Grants permission to create a new bucket
*
* Access Level: Write
*
* Possible conditions:
* - .ifAuthType()
* - .ifLocationName()
* - .ifResourceAccount()
* - .ifSignatureversion()
* - .ifTlsVersion()
* - .ifXAmzContentSha256()
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html
*/
toCreateBucket() {
return this.to('CreateBucket');
}
/**
* Grants permission to Create Session token which is used for object APIs such as PutObject, GetObject, etc
*
* Access Level: Write
*
* Possible conditions:
* - .ifAuthType()
* - .ifResourceAccount()
* - .ifSessionMode()
* - .ifSignatureAge()
* - .ifSignatureversion()
* - .ifTlsVersion()
* - .ifXAmzContentSha256()
* - .ifXAmzServerSideEncryption()
* - .ifXAmzServerSideEncryptionAwsKmsKeyId()
* - .ifAllAccessRestrictedToLocalZoneGroup()
* - .ifPermissions()
*
* https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html
*/
toCreateSession() {
return this.to('CreateSession');
}
/**
* Grants permission to delete the access point named in the URI
*
* Access Level: Write
*
* Possible conditions:
* - .ifDataAccessPointAccount()
* - .ifDataAccessPointArn()
* - .ifAccessPointNetworkOrigin()
* - .ifAuthType()
* - .ifResourceAccount()
* - .ifSignatureversion()
* - .ifTlsVersion()
* - .ifXAmzContentSha256()
*
* https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessPoint.html
*/
toDeleteAccessPoint() {
return this.to('DeleteAccessPoint');
}
/**
* Grants permission to delete the policy on a specified access point
*
* Access Level: Permissions management
*
* Possible conditions:
* - .ifDataAccessPointAccount()
* - .ifDataAccessPointArn()
* - .ifAccessPointNetworkOrigin()
* - .ifAuthType()
* - .ifResourceAccount()
* - .ifSignatureversion()
* - .ifTlsVersion()
* - .ifXAmzContentSha256()
*
* https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessPointPolicy.html
*/
toDeleteAccessPointPolicy() {
return this.to('DeleteAccessPointPolicy');
}
/**
* Grants permission to delete the scope configuration on a specified access point
*
* Access Level: Permissions management
*
* Possible conditions:
* - .ifDataAccessPointAccount()
* - .ifDataAccessPointArn()
* - .ifAccessPointNetworkOrigin()
* - .ifAuthType()
* - .ifResourceAccount()
* - .ifSignatureversion()
* - .ifTlsVersion()
* - .ifXAmzContentSha256()
*
* https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessPointScope.html
*/
toDeleteAccessPointScope() {
return this.to('DeleteAccessPointScope');
}
/**
* Grants permission to delete the bucket named in the URI
*
* Access Level: Write
*
* Possible conditions:
* - .ifAuthType()
* - .ifResourceAccount()
* - .ifSignatureversion()
* - .ifTlsVersion()
* - .ifXAmzContentSha256()
*
* https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html
*/
toDeleteBucket() {
return this.to('DeleteBucket');
}
/**
* Grants permission to delete the policy on a specified bucket
*
* Access Level: Permissions management
*
* Possible conditions:
* - .ifAuthType()
* - .ifResourceAccount()
* - .ifSignatureversion()
* - .ifTlsVersion()
* - .ifXAmzContentSha256()
*
* https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketPolicy.html
*/
toDeleteBucketPolicy() {
return this.to('DeleteBucketPolicy');
}
/**
* Grants permission to return configuration information about the specified access point
*
* Access Level: Read
*
* Possible conditions:
* - .ifDataAccessPointAccount()
* - .ifDataAccessPointArn()
* - .ifAccessPointNetworkOrigin()
* - .ifAuthType()
* - .ifResourceAccount()
* - .ifSignatureversion()
* - .ifTlsVersion()
* - .ifXAmzContentSha256()
*
* https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPoint.html
*/
toGetAccessPoint() {
return this.to('GetAccessPoint');
}
/**
* Grants permission to return the access point policy associated with the specified access point
*
* Access Level: Read
*
* Possible conditions:
* - .ifDataAccessPointAccount()
* - .ifDataAccessPointArn()
* - .ifAccessPointNetworkOrigin()
* - .ifAuthType()
* - .ifResourceAccount()
* - .ifSignatureversion()
* - .ifTlsVersion()
* - .ifXAmzContentSha256()
*
* https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPointPolicy.html
*/
toGetAccessPointPolicy() {
return this.to('GetAccessPointPolicy');
}
/**
* Grants permission to return the scope configuration associated with the specified access point
*
* Access Level: Read
*
* Possible conditions:
* - .ifDataAccessPointAccount()
* - .ifDataAccessPointArn()
* - .ifAccessPointNetworkOrigin()
* - .ifAuthType()
* - .ifResourceAccount()
* - .ifSignatureversion()
* - .ifTlsVersion()
* - .ifXAmzContentSha256()
*
* https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPointScope.html
*/
toGetAccessPointScope() {
return this.to('GetAccessPointScope');
}
/**
* Grants permission to return the policy of the specified bucket
*
* Access Level: Read
*
* Possible conditions:
* - .ifAuthType()
* - .ifResourceAccount()
* - .ifSignatureversion()
* - .ifTlsVersion()
* - .ifXAmzContentSha256()
*
* https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketPolicy.html
*/
toGetBucketPolicy() {
return this.to('GetBucketPolicy');
}
/**
* Grants permission to return the default encryption configuration for a directory bucket
*
* Access Level: Read
*
* Possible conditions:
* - .ifAuthType()
* - .ifResourceAccount()
* - .ifSignatureversion()
* - .ifTlsVersion()
* - .ifXAmzContentSha256()
*
* https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketEncryption.html
*/
toGetEncryptionConfiguration() {
return this.to('GetEncryptionConfiguration');
}
/**
* Grants permission to return the lifecycle configuration information set on a directory bucket
*
* Access Level: Read
*
* Possible conditions:
* - .ifAuthType()
* - .ifResourceAccount()
* - .ifSignatureversion()
* - .ifTlsVersion()
* - .ifXAmzContentSha256()
*
* https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html
*/
toGetLifecycleConfiguration() {
return this.to('GetLifecycleConfiguration');
}
/**
* Grants permission to list access points
*
* Access Level: List
*
* Possible conditions:
* - .ifAuthType()
* - .ifResourceAccount()
* - .ifSignatureversion()
* - .ifTlsVersion()
* - .ifXAmzContentSha256()
*
* https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListAccessPointsForDirectoryBuckets.html
*/
toListAccessPointsForDirectoryBuckets() {
return this.to('ListAccessPointsForDirectoryBuckets');
}
/**
* Grants permission to list all directory buckets owned by the authenticated sender of the request
*
* Access Level: List
*
* Possible conditions:
* - .ifAuthType()
* - .ifResourceAccount()
* - .ifSignatureversion()
* - .ifTlsVersion()
* - .ifXAmzContentSha256()
*
* https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListDirectoryBuckets.html
*/
toListAllMyDirectoryBuckets() {
return this.to('ListAllMyDirectoryBuckets');
}
/**
* Grants permission to lists all of the tags for a specified resource
*
* Access Level: List
*
* Possible conditions:
* - .ifAuthType()
* - .ifResourceAccount()
* - .ifSignatureversion()
* - .ifTlsVersion()
* - .ifXAmzContentSha256()
*
* https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListTagsForResource.html
*/
toListTagsForResource() {
return this.to('ListTagsForResource');
}
/**
* Grants permission to associate an access policy with a specified access point
*
* Access Level: Permissions management
*
* Possible conditions:
* - .ifDataAccessPointAccount()
* - .ifDataAccessPointArn()
* - .ifAccessPointNetworkOrigin()
* - .ifAuthType()
* - .ifResourceAccount()
* - .ifSignatureversion()
* - .ifTlsVersion()
* - .ifXAmzContentSha256()
*
* https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutAccessPointPolicy.html
*/
toPutAccessPointPolicy() {
return this.to('PutAccessPointPolicy');
}
/**
* Grants permission to associate an access point with a specified access point scope configuration
*
* Access Level: Permissions management
*
* Possible conditions:
* - .ifDataAccessPointAccount()
* - .ifDataAccessPointArn()
* - .ifAccessPointNetworkOrigin()
* - .ifAuthType()
* - .ifResourceAccount()
* - .ifSignatureversion()
* - .ifTlsVersion()
* - .ifXAmzContentSha256()
*
* https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutAccessPointScope.html
*/
toPutAccessPointScope() {
return this.to('PutAccessPointScope');
}
/**
* Grants permission to add or replace a bucket policy on a bucket
*
* Access Level: Permissions management
*
* Possible conditions:
* - .ifAuthType()
* - .ifResourceAccount()
* - .ifSignatureversion()
* - .ifTlsVersion()
* - .ifXAmzContentSha256()
*
* https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketPolicy.html
*/
toPutBucketPolicy() {
return this.to('PutBucketPolicy');
}
/**
* Grants permission to set the encryption configuration for a directory bucket
*
* Access Level: Write
*
* Possible conditions:
* - .ifAuthType()
* - .ifResourceAccount()
* - .ifSignatureversion()
* - .ifTlsVersion()
* - .ifXAmzContentSha256()
*
* https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketEncryption.html
*/
toPutEncryptionConfiguration() {
return this.to('PutEncryptionConfiguration');
}
/**
* Grants permission to create a new lifecycle configuration for the directory bucket or replace an existing lifecycle configuration
*
* Access Level: Write
*
* Possible conditions:
* - .ifAuthType()
* - .ifResourceAccount()
* - .ifSignatureversion()
* - .ifTlsVersion()
* - .ifXAmzContentSha256()
*
* https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html
*/
toPutLifecycleConfiguration() {
return this.to('PutLifecycleConfiguration');
}
/**
* Grants permission to create a new user-defined tag or update an existing tag
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAuthType()
* - .ifResourceAccount()
* - .ifSignatureversion()
* - .ifTlsVersion()
* - .ifXAmzContentSha256()
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_TagResource.html
*/
toTagResource() {
return this.to('TagResource');
}
/**
* Grants permission to remove the specified user-defined tags from an S3 resource
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAuthType()
* - .ifResourceAccount()
* - .ifSignatureversion()
* - .ifTlsVersion()
* - .ifXAmzContentSha256()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_UntagResource.html
*/
toUntagResource() {
return this.to('UntagResource');
}
/**
* Adds a resource of type bucket to the statement
*
* https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html
*
* @param bucketName - Identifier for the bucketName.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
* - .ifBucketTag()
*/
onBucket(bucketName, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:s3express:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:bucket/${bucketName}`);
}
/**
* Adds a resource of type accesspoint to the statement
*
* https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points.html
*
* @param accessPointName - Identifier for the accessPointName.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
* - .ifAccessPointTag()
*/
onAccesspoint(accessPointName, account, region, partition) {
return this.on(`arn:${partition ?? this.defaultPartition}:s3express:${region ?? this.defaultRegion}:${account ?? this.defaultAccount}:accesspoint/${accessPointName}`);
}
/**
* Filters access by the tags that are passed in the request
*
* https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-tagging.html#example-user-policy-request-tag
*
* Applies to actions:
* - .toCreateAccessPoint()
* - .toCreateBucket()
* - .toTagResource()
*
* @param tagKey The tag key to check
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsRequestTag(tagKey, value, operator) {
return this.if(`aws:RequestTag/${tagKey}`, value, operator ?? 'StringLike');
}
/**
* Filters access by the tags associated with the resource
*
* https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-tagging.html#example-user-policy-resource-tag
*
* Applies to resource types:
* - bucket
* - accesspoint
*
* @param tagKey The tag key to check
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsResourceTag(tagKey, value, operator) {
return this.if(`aws:ResourceTag/${tagKey}`, value, operator ?? 'StringLike');
}
/**
* Filters access by the tag keys that are passed in the request
*
* https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-tagging.html#example-user-policy-tag-keys
*
* Applies to actions:
* - .toCreateAccessPoint()
* - .toCreateBucket()
* - .toTagResource()
* - .toUntagResource()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsTagKeys(value, operator) {
return this.if(`aws:TagKeys`, value, operator ?? 'StringLike');
}
/**
* Filters access by the network origin (Internet or VPC)
*
* https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-access-points.html#access-points-policies
*
* Applies to actions:
* - .toCreateAccessPoint()
* - .toDeleteAccessPoint()
* - .toDeleteAccessPointPolicy()
* - .toDeleteAccessPointScope()
* - .toGetAccessPoint()
* - .toGetAccessPointPolicy()
* - .toGetAccessPointScope()
* - .toPutAccessPointPolicy()
* - .toPutAccessPointScope()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAccessPointNetworkOrigin(value, operator) {
return this.if(`AccessPointNetworkOrigin`, value, operator ?? 'StringLike');
}
/**
* Filters access by tag key-value pairs attached to the access point
*
* https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points-db-tagging.html#example-access-points-db-policy-bucket-tag
*
* Applies to resource types:
* - accesspoint
*
* @param tagKey The tag key to check
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAccessPointTag(tagKey, value, operator) {
return this.if(`AccessPointTag/${tagKey}`, value, operator ?? 'StringLike');
}
/**
* Filters access by AWS Local Zone network border group(s) provided in this condition key
*
* Applies to actions:
* - .toCreateSession()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAllAccessRestrictedToLocalZoneGroup(value, operator) {
return this.if(`AllAccessRestrictedToLocalZoneGroup`, value, operator ?? 'StringLike');
}
/**
* Filters access by tag key-value pairs attached to the bucket
*
* https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-tagging.html#example-policy-bucket-tag
*
* Applies to resource types:
* - bucket
*
* @param tagKey The tag key to check
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifBucketTag(tagKey, value, operator) {
return this.if(`BucketTag/${tagKey}`, value, operator ?? 'StringLike');
}
/**
* Filters access by the AWS Account ID that owns the access point
*
* https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-access-points.html#access-points-policies
*
* Applies to actions:
* - .toCreateAccessPoint()
* - .toDeleteAccessPoint()
* - .toDeleteAccessPointPolicy()
* - .toDeleteAccessPointScope()
* - .toGetAccessPoint()
* - .toGetAccessPointPolicy()
* - .toGetAccessPointScope()
* - .toPutAccessPointPolicy()
* - .toPutAccessPointScope()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifDataAccessPointAccount(value, operator) {
return this.if(`DataAccessPointAccount`, value, operator ?? 'StringLike');
}
/**
* Filters access by an access point Amazon Resource Name (ARN)
*
* https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-access-points.html#access-points-policies
*
* Applies to actions:
* - .toCreateAccessPoint()
* - .toDeleteAccessPoint()
* - .toDeleteAccessPointPolicy()
* - .toDeleteAccessPointScope()
* - .toGetAccessPoint()
* - .toGetAccessPointPolicy()
* - .toGetAccessPointScope()
* - .toPutAccessPointPolicy()
* - .toPutAccessPointScope()
*
* @param value The value(s) to check
* @param operator Works with [arn operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_ARN). **Default:** `ArnLike`
*/
ifDataAccessPointArn(value, operator) {
return this.if(`DataAccessPointArn`, value, operator ?? 'ArnLike');
}
/**
* Filters access by a specific Availability Zone or Local Zone ID
*
* https://docs.aws.amazon.com/AmazonS3/latest/userguide/amazon-s3-express-zonal-policy-keys.html#example-location-name
*
* Applies to actions:
* - .toCreateAccessPoint()
* - .toCreateBucket()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifLocationName(value, operator) {
return this.if(`LocationName`, value, operator ?? 'StringLike');
}
/**
* Filters access by the permission requested by Access Point Scope configuration, such as GetObject, PutObject
*
* Applies to actions:
* - .toCreateSession()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifPermissions(value, operator) {
return this.if(`Permissions`, value, operator ?? 'StringLike');
}
/**
* Filters access by the resource owner AWS account ID
*
* https://docs.aws.amazon.com/AmazonS3/latest/userguide/amazon-s3-express-zonal-policy-keys.html#example-object-resource-account
*
* Applies to actions:
* - .toCreateAccessPoint()
* - .toCreateBucket()
* - .toCreateSession()
* - .toDeleteAccessPoint()
* - .toDeleteAccessPointPolicy()
* - .toDeleteAccessPointScope()
* - .toDeleteBucket()
* - .toDeleteBucketPolicy()
* - .toGetAccessPoint()
* - .toGetAccessPointPolicy()
* - .toGetAccessPointScope()
* - .toGetBucketPolicy()
* - .toGetEncryptionConfiguration()
* - .toGetLifecycleConfiguration()
* - .toListAccessPointsForDirectoryBuckets()
* - .toListAllMyDirectoryBuckets()
* - .toListTagsForResource()
* - .toPutAccessPointPolicy()
* - .toPutAccessPointScope()
* - .toPutBucketPolicy()
* - .toPutEncryptionConfiguration()
* - .toPutLifecycleConfiguration()
* - .toTagResource()
* - .toUntagResource()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifResourceAccount(value, operator) {
return this.if(`ResourceAccount`, value, operator ?? 'StringLike');
}
/**
* Filters access by the permission requested by CreateSession API, such as ReadOnly and ReadWrite
*
* https://docs.aws.amazon.com/AmazonS3/latest/userguide/amazon-s3-express-zonal-policy-keys.html#example-session-mode
*
* Applies to actions:
* - .toCreateSession()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifSessionMode(value, operator) {
return this.if(`SessionMode`, value, operator ?? 'StringLike');
}
/**
* Filters access by the TLS version used by the client
*
* Applies to actions:
* - .toCreateAccessPoint()
* - .toCreateBucket()
* - .toCreateSession()
* - .toDeleteAccessPoint()
* - .toDeleteAccessPointPolicy()
* - .toDeleteAccessPointScope()
* - .toDeleteBucket()
* - .toDeleteBucketPolicy()
* - .toGetAccessPoint()
* - .toGetAccessPointPolicy()
* - .toGetAccessPointScope()
* - .toGetBucketPolicy()
* - .toGetEncryptionConfiguration()
* - .toGetLifecycleConfiguration()
* - .toListAccessPointsForDirectoryBuckets()
* - .toListAllMyDirectoryBuckets()
* - .toListTagsForResource()
* - .toPutAccessPointPolicy()
* - .toPutAccessPointScope()
* - .toPutBucketPolicy()
* - .toPutEncryptionConfiguration()
* - .toPutLifecycleConfiguration()
* - .toTagResource()
* - .toUntagResource()
*
* @param value The value(s) to check
* @param operator Works with [numeric operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_Numeric). **Default:** `NumericEquals`
*/
ifTlsVersion(value, operator) {
return this.if(`TlsVersion`, value, operator ?? 'NumericEquals');
}
/**
* Filters access by authentication method
*
* https://docs.aws.amazon.com/AmazonS3/latest/API/bucket-policy-s3-sigv4-conditions.html
*
* Applies to actions:
* - .toCreateAccessPoint()
* - .toCreateBucket()
* - .toCreateSession()
* - .toDeleteAccessPoint()
* - .toDeleteAccessPointPolicy()
* - .toDeleteAccessPointScope()
* - .toDeleteBucket()
* - .toDeleteBucketPolicy()
* - .toGetAccessPoint()
* - .toGetAccessPointPolicy()
* - .toGetAccessPointScope()
* - .toGetBucketPolicy()
* - .toGetEncryptionConfiguration()
* - .toGetLifecycleConfiguration()
* - .toListAccessPointsForDirectoryBuckets()
* - .toListAllMyDirectoryBuckets()
* - .toListTagsForResource()
* - .toPutAccessPointPolicy()
* - .toPutAccessPointScope()
* - .toPutBucketPolicy()
* - .toPutEncryptionConfiguration()
* - .toPutLifecycleConfiguration()
* - .toTagResource()
* - .toUntagResource()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAuthType(value, operator) {
return this.if(`authType`, value, operator ?? 'StringLike');
}
/**
* Filters access by the age in milliseconds of the request signature
*
* https://docs.aws.amazon.com/AmazonS3/latest/API/bucket-policy-s3-sigv4-conditions.html
*
* Applies to actions:
* - .toCreateSession()
*
* @param value The value(s) to check
* @param operator Works with [numeric operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_Numeric). **Default:** `NumericEquals`
*/
ifSignatureAge(value, operator) {
return this.if(`signatureAge`, value, operator ?? 'NumericEquals');
}
/**
* Filters access by the AWS Signature Version used on the request
*
* https://docs.aws.amazon.com/AmazonS3/latest/API/bucket-policy-s3-sigv4-conditions.html
*
* Applies to actions:
* - .toCreateAccessPoint()
* - .toCreateBucket()
* - .toCreateSession()
* - .toDeleteAccessPoint()
* - .toDeleteAccessPointPolicy()
* - .toDeleteAccessPointScope()
* - .toDeleteBucket()
* - .toDeleteBucketPolicy()
* - .toGetAccessPoint()
* - .toGetAccessPointPolicy()
* - .toGetAccessPointScope()
* - .toGetBucketPolicy()
* - .toGetEncryptionConfiguration()
* - .toGetLifecycleConfiguration()
* - .toListAccessPointsForDirectoryBuckets()
* - .toListAllMyDirectoryBuckets()
* - .toListTagsForResource()
* - .toPutAccessPointPolicy()
* - .toPutAccessPointScope()
* - .toPutBucketPolicy()
* - .toPutEncryptionConfiguration()
* - .toPutLifecycleConfiguration()
* - .toTagResource()
* - .toUntagResource()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifSignatureversion(value, operator) {
return this.if(`signatureversion`, value, operator ?? 'StringLike');
}
/**
* Filters access by unsigned content in your bucket
*
* https://docs.aws.amazon.com/AmazonS3/latest/API/bucket-policy-s3-sigv4-conditions.html
*
* Applies to actions:
* - .toCreateAccessPoint()
* - .toCreateBucket()
* - .toCreateSession()
* - .toDeleteAccessPoint()
* - .toDeleteAccessPointPolicy()
* - .toDeleteAccessPointScope()
* - .toDeleteBucket()
* - .toDeleteBucketPolicy()
* - .toGetAccessPoint()
* - .toGetAccessPointPolicy()
* - .toGetAccessPointScope()
* - .toGetBucketPolicy()
* - .toGetEncryptionConfiguration()
* - .toGetLifecycleConfiguration()
* - .toListAccessPointsForDirectoryBuckets()
* - .toListAllMyDirectoryBuckets()
* - .toListTagsForResource()
* - .toPutAccessPointPolicy()
* - .toPutAccessPointScope()
* - .toPutBucketPolicy()
* - .toPutEncryptionConfiguration()
* - .toPutLifecycleConfiguration()
* - .toTagResource()
* - .toUntagResource()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifXAmzContentSha256(value, operator) {
return this.if(`x-amz-content-sha256`, value, operator ?? 'StringLike');
}
/**
* Filters access by server-side encryption
*
* https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-data-protection.html
*
* Applies to actions:
* - .toCreateSession()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifXAmzServerSideEncryption(value, operator) {
return this.if(`x-amz-server-side-encryption`, value, operator ?? 'StringLike');
}
/**
* Filters access by AWS KMS customer managed key for server-side encryption
*
* https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-UsingKMSEncryption.html#s3-express-require-sse-kms
*
* Applies to actions:
* - .toCreateSession()
*
* @param value The value(s) to check
* @param operator Works with [arn operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_ARN). **Default:** `ArnLike`
*/
ifXAmzServerSideEncryptionAwsKmsKeyId(value, operator) {
return this.if(`x-amz-server-side-encryption-aws-kms-key-id`, value, operator ?? 'ArnLike');
}
}
exports.S3express = S3express;
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiczNleHByZXNzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiczNleHByZXNzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUNBLHlDQUF5RDtBQUV6RDs7OztHQUlHO0FBQ0gsTUFBYSxTQUFVLFNBQVEsd0JBQWU7SUFHNUM7Ozs7T0FJRztJQUNILFlBQVksR0FBWTtRQUN0QixLQUFLLENBQUMsR0FBRyxDQUFDLENBQUM7UUFSTixrQkFBYSxHQUFHLFdBQVcsQ0FBQztRQXFlekIsb0JBQWUsR0FBb0I7WUFDM0MsS0FBSyxFQUFFO2dCQUNMLG1CQUFtQjtnQkFDbkIsY0FBYztnQkFDZCxlQUFlO2dCQUNmLG1CQUFtQjtnQkFDbkIsY0FBYztnQkFDZCw0QkFBNEI7Z0JBQzVCLDJCQUEyQjthQUM1QjtZQUNELHdCQUF3QixFQUFFO2dCQUN4Qix5QkFBeUI7Z0JBQ3pCLHdCQUF3QjtnQkFDeEIsb0JBQW9CO2dCQUNwQixzQkFBc0I7Z0JBQ3RCLHFCQUFxQjtnQkFDckIsaUJBQWlCO2FBQ2xCO1lBQ0QsSUFBSSxFQUFFO2dCQUNKLGdCQUFnQjtnQkFDaEIsc0JBQXNCO2dCQUN0QixxQkFBcUI7Z0JBQ3JCLGlCQUFpQjtnQkFDakIsNEJBQTRCO2dCQUM1QiwyQkFBMkI7YUFDNUI7WUFDRCxJQUFJLEVBQUU7Z0JBQ0oscUNBQXFDO2dCQUNyQywyQkFBMkI7Z0JBQzNCLHFCQUFxQjthQUN0QjtZQUNELE9BQU8sRUFBRTtnQkFDUCxhQUFhO2dCQUNiLGVBQWU7YUFDaEI7U0FDRixDQUFDO0lBL2ZGLENBQUM7SUFFRDs7Ozs7Ozs7Ozs7Ozs7Ozs7OztPQW1CRztJQUNJLG1CQUFtQjtRQUN4QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsbUJBQW1CLENBQUMsQ0FBQztJQUN0QyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7Ozs7Ozs7T0FnQkc7SUFDSSxjQUFjO1FBQ25CLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxjQUFjLENBQUMsQ0FBQztJQUNqQyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7T0FtQkc7SUFDSSxlQUFlO1FBQ3BCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxlQUFlLENBQUMsQ0FBQztJQUNsQyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7Ozs7Ozs7T0FnQkc7SUFDSSxtQkFBbUI7UUFDeEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLG1CQUFtQixDQUFDLENBQUM7SUFDdEMsQ0FBQztJQUVEOzs7Ozs7Ozs7Ozs7Ozs7O09BZ0JHO0lBQ0kseUJBQXlCO1FBQzlCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyx5QkFBeUIsQ0FBQyxDQUFDO0lBQzVDLENBQUM7SUFFRDs7Ozs7Ozs7Ozs7Ozs7OztPQWdCRztJQUNJLHdCQUF3QjtRQUM3QixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsd0JBQXdCLENBQUMsQ0FBQztJQUMzQyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7Ozs7T0FhRztJQUNJLGNBQWM7UUFDbkIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGNBQWMsQ0FBQyxDQUFDO0lBQ2pDLENBQUM7SUFFRDs7Ozs7Ozs7Ozs7OztPQWFHO0lBQ0ksb0JBQW9CO1FBQ3pCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxvQkFBb0IsQ0FBQyxDQUFDO0lBQ3ZDLENBQUM7SUFFRDs7Ozs7Ozs7Ozs7Ozs7OztPQWdCRztJQUNJLGdCQUFnQjtRQUNyQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsZ0JBQWdCLENBQUMsQ0FBQztJQUNuQyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7Ozs7Ozs7T0FnQkc7SUFDSSxzQkFBc0I7UUFDM0IsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHNCQUFzQixDQUFDLENBQUM7SUFDekMsQ0FBQztJQUVEOzs7Ozs7Ozs7Ozs7Ozs7O09BZ0JHO0lBQ0kscUJBQXFCO1FBQzFCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxxQkFBcUIsQ0FBQyxDQUFDO0lBQ3hDLENBQUM7SUFFRDs7Ozs7Ozs7Ozs7OztPQWFHO0lBQ0ksaUJBQWlCO1FBQ3RCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxpQkFBaUIsQ0FBQyxDQUFDO0lBQ3BDLENBQUM7SUFFRDs7Ozs7Ozs7Ozs7OztPQWFHO0lBQ0ksNEJBQTRCO1FBQ2pDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyw0QkFBNEIsQ0FBQyxDQUFDO0lBQy9DLENBQUM7SUFFRDs7Ozs7Ozs7Ozs7OztPQWFHO0lBQ0ksMkJBQTJCO1FBQ2hDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQywyQkFBMkIsQ0FBQyxDQUFDO0lBQzlDLENBQUM7SUFFRDs7Ozs7Ozs7Ozs7OztPQWFHO0lBQ0kscUNBQXFDO1FBQzFDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxxQ0FBcUMsQ0FBQyxDQUFDO0lBQ3hELENBQUM7SUFFRDs7Ozs7Ozs7Ozs7OztPQWFHO0lBQ0ksMkJBQTJCO1FBQ2hDLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQywyQkFBMkIsQ0FBQyxDQUFDO0lBQzlDLENBQUM7SUFFRDs7Ozs7Ozs7Ozs7OztPQWFHO0lBQ0kscUJBQXFCO1FBQzFCLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxxQkFBcUIsQ0FBQyxDQUFDO0lBQ3hDLENBQUM7SUFFRDs7Ozs7Ozs7Ozs7Ozs7OztPQWdCRztJQUNJLHNCQUFzQjtRQUMzQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsc0JBQXNCLENBQUMsQ0FBQztJQUN6QyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7Ozs7Ozs7T0FnQkc7SUFDSSxxQkFBcUI7UUFDMUIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHFCQUFxQixDQUFDLENBQUM7SUFDeEMsQ0FBQztJQUVEOzs7Ozs7Ozs7Ozs7O09BYUc7SUFDSSxpQkFBaUI7UUFDdEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGlCQUFpQixDQUFDLENBQUM7SUFDcEMsQ0FBQztJQUVEOzs7Ozs7Ozs7Ozs7O09BYUc7SUFDSSw0QkFBNEI7UUFDakMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLDRCQUE0QixDQUFDLENBQUM7SUFDL0MsQ0FBQztJQUVEOzs7Ozs7Ozs7Ozs7O09BYUc7SUFDSSwyQkFBMkI7UUFDaEMsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLDJCQUEyQixDQUFDLENBQUM7SUFDOUMsQ0FBQztJQUVEOzs7Ozs7Ozs7Ozs7Ozs7T0FlRztJQUNJLGFBQWE7UUFDbEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGFBQWEsQ0FBQyxDQUFDO0lBQ2hDLENBQUM7SUFFRDs7Ozs7Ozs7Ozs7Ozs7T0FjRztJQUNJLGVBQWU7UUFDcEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGVBQWUsQ0FBQyxDQUFDO0lBQ2xDLENBQUM7SUF1Q0Q7Ozs7Ozs7Ozs7Ozs7T0FhRztJQUNJLFFBQVEsQ0FBQyxVQUFrQixFQUFFLE9BQWdCLEVBQUUsTUFBZSxFQUFFLFNBQWtCO1FBQ3ZGLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxPQUFRLFNBQVMsSUFBSSxJQUFJLENBQUMsZ0JBQWlCLGNBQWUsTUFBTSxJQUFJLElBQUksQ0FBQyxhQUFjLElBQUssT0FBTyxJQUFJLElBQUksQ0FBQyxjQUFlLFdBQVksVUFBVyxFQUFFLENBQUMsQ0FBQztJQUN2SyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7Ozs7T0FhRztJQUNJLGFBQWEsQ0FBQyxlQUF1QixFQUFFLE9BQWdCLEVBQUUsTUFBZSxFQUFFLFNBQWtCO1FBQ2pHLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxPQUFRLFNBQVMsSUFBSSxJQUFJLENBQUMsZ0JBQWlCLGNBQWUsTUFBTSxJQUFJLElBQUksQ0FBQyxhQUFjLElBQUssT0FBTyxJQUFJLElBQUksQ0FBQyxjQUFlLGdCQUFpQixlQUFnQixFQUFFLENBQUMsQ0FBQztJQUNqTCxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7Ozs7T0FhRztJQUNJLGVBQWUsQ0FBQyxNQUFjLEVBQUUsS0FBd0IsRUFBRSxRQUE0QjtRQUMzRixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsa0JBQW1CLE1BQU8sRUFBRSxFQUFFLEtBQUssRUFBRSxRQUFRLElBQUksWUFBWSxDQUFDLENBQUM7SUFDaEYsQ0FBQztJQUVEOzs7Ozs7Ozs7Ozs7T0FZRztJQUNJLGdCQUFnQixDQUFDLE1BQWMsRUFBRSxLQUF3QixFQUFFLFFBQTRCO1FBQzVGLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxtQkFBb0IsTUFBTyxFQUFFLEVBQUUsS0FBSyxFQUFFLFFBQVEsSUFBSSxZQUFZLENBQUMsQ0FBQztJQUNqRixDQUFDO0lBRUQ7Ozs7Ozs7Ozs7Ozs7T0FhRztJQUNJLFlBQVksQ0FBQyxLQUF3QixFQUFFLFFBQTRCO1FBQ3hFLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxhQUFhLEVBQUUsS0FBSyxFQUFFLFFBQVEsSUFBSSxZQUFZLENBQUMsQ0FBQztJQUNqRSxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7Ozs7Ozs7OztPQWtCRztJQUNJLDBCQUEwQixDQUFDLEtBQXdCLEVBQUUsUUFBNEI7UUFDdEYsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLDBCQUEwQixFQUFFLEtBQUssRUFBRSxRQUFRLElBQUksWUFBWSxDQUFDLENBQUM7SUFDOUUsQ0FBQztJQUVEOzs7Ozs7Ozs7OztPQVdHO0lBQ0ksZ0JBQWdCLENBQUMsTUFBYyxFQUFFLEtBQXdCLEVBQUUsUUFBNEI7UUFDNUYsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGtCQUFtQixNQUFPLEVBQUUsRUFBRSxLQUFLLEVBQUUsUUFBUSxJQUFJLFlBQVksQ0FBQyxDQUFDO0lBQ2hGLENBQUM7SUFFRDs7Ozs7Ozs7T0FRRztJQUNJLHFDQUFxQyxDQUFDLEtBQXdCLEVBQUUsUUFBNEI7UUFDakcsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLHFDQUFxQyxFQUFFLEtBQUssRUFBRSxRQUFRLElBQUksWUFBWSxDQUFDLENBQUM7SUFDekYsQ0FBQztJQUVEOzs7Ozs7Ozs7OztPQVdHO0lBQ0ksV0FBVyxDQUFDLE1BQWMsRUFBRSxLQUF3QixFQUFFLFFBQTRCO1FBQ3ZGLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxhQUFjLE1BQU8sRUFBRSxFQUFFLEtBQUssRUFBRSxRQUFRLElBQUksWUFBWSxDQUFDLENBQUM7SUFDM0UsQ0FBQztJQUVEOzs7Ozs7Ozs7Ozs7Ozs7Ozs7T0FrQkc7SUFDSSx3QkFBd0IsQ0FBQyxLQUF3QixFQUFFLFFBQTRCO1FBQ3BGLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyx3QkFBd0IsRUFBRSxLQUFLLEVBQUUsUUFBUSxJQUFJLFlBQVksQ0FBQyxDQUFDO0lBQzVFLENBQUM7SUFFRDs7Ozs7Ozs7Ozs7Ozs7Ozs7O09Ba0JHO0lBQ0ksb0JBQW9CLENBQUMsS0FBd0IsRUFBRSxRQUE0QjtRQUNoRixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsb0JBQW9CLEVBQUUsS0FBSyxFQUFFLFFBQVEsSUFBSSxTQUFTLENBQUMsQ0FBQztJQUNyRSxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7O09BV0c7SUFDSSxjQUFjLENBQUMsS0FBd0IsRUFBRSxRQUE0QjtRQUMxRSxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsY0FBYyxFQUFFLEtBQUssRUFBRSxRQUFRLElBQUksWUFBWSxDQUFDLENBQUM7SUFDbEUsQ0FBQztJQUVEOzs7Ozs7OztPQVFHO0lBQ0ksYUFBYSxDQUFDLEtBQXdCLEVBQUUsUUFBNEI7UUFDekUsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLGFBQWEsRUFBRSxLQUFLLEVBQUUsUUFBUSxJQUFJLFlBQVksQ0FBQyxDQUFDO0lBQ2pFLENBQUM7SUFFRDs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O09BaUNHO0lBQ0ksaUJBQWlCLENBQUMsS0FBd0IsRUFBRSxRQUE0QjtRQUM3RSxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsaUJBQWlCLEVBQUUsS0FBSyxFQUFFLFFBQVEsSUFBSSxZQUFZLENBQUMsQ0FBQztJQUNyRSxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7T0FVRztJQUNJLGFBQWEsQ0FBQyxLQUF3QixFQUFFLFFBQTRCO1FBQ3pFLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxhQUFhLEVBQUUsS0FBSyxFQUFFLFFBQVEsSUFBSSxZQUFZLENBQUMsQ0FBQztJQUNqRSxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7T0ErQkc7SUFDSSxZQUFZLENBQUMsS0FBd0IsRUFBRSxRQUE0QjtRQUN4RSxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsWUFBWSxFQUFFLEtBQUssRUFBRSxRQUFRLElBQUksZUFBZSxDQUFDLENBQUM7SUFDbkUsQ0FBQztJQUVEOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7T0FpQ0c7SUFDSSxVQUFVLENBQUMsS0FBd0IsRUFBRSxRQUE0QjtRQUN0RSxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsVUFBVSxFQUFFLEtBQUssRUFBRSxRQUFRLElBQUksWUFBWSxDQUFDLENBQUM7SUFDOUQsQ0FBQztJQUVEOzs7Ozs7Ozs7O09BVUc7SUFDSSxjQUFjLENBQUMsS0FBd0IsRUFBRSxRQUE0QjtRQUMxRSxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsY0FBYyxFQUFFLEtBQUssRUFBRSxRQUFRLElBQUksZUFBZSxDQUFDLENBQUM7SUFDckUsQ0FBQztJQUVEOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7T0FpQ0c7SUFDSSxrQkFBa0IsQ0FBQyxLQUF3QixFQUFFLFFBQTRCO1FBQzlFLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyxrQkFBa0IsRUFBRSxLQUFLLEVBQUUsUUFBUSxJQUFJLFlBQVksQ0FBQyxDQUFDO0lBQ3RFLENBQUM7SUFFRDs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O09BaUNHO0lBQ0ksbUJBQW1CLENBQUMsS0FBd0IsRUFBRSxRQUE0QjtRQUMvRSxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsc0JBQXNCLEVBQUUsS0FBSyxFQUFFLFFBQVEsSUFBSSxZQUFZLENBQUMsQ0FBQztJQUMxRSxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7T0FVRztJQUNJLDBCQUEwQixDQUFDLEtBQXdCLEVBQUUsUUFBNEI7UUFDdEYsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDLDhCQUE4QixFQUFFLEtBQUssRUFBRSxRQUFRLElBQUksWUFBWSxDQUFDLENBQUM7SUFDbEYsQ0FBQztJQUVEOzs7Ozs7Ozs7O09BVUc7SUFDSSxxQ0FBcUMsQ0FBQyxLQUF3QixFQUFFLFFBQTRCO1FBQ2pHLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQyw2Q0FBNkMsRUFBRSxLQUFLLEVBQUUsUUFBUSxJQUFJLFNBQVMsQ0FBQyxDQUFDO0lBQzlGLENBQUM7Q0FDRjtBQTErQkQsOEJBMCtCQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IEFjY2Vzc0xldmVsTGlzdCB9IGZyb20gJy4uLy4uL3NoYXJlZC9hY2Nlc3MtbGV2ZWwnO1xuaW1wb3J0IHsgUG9saWN5U3RhdGVtZW50LCBPcGVyYXRvciB9IGZyb20gJy4uLy4uL3NoYXJlZCc7XG5cbi8qKlxuICogU3RhdGVtZW50IHByb3ZpZGVyIGZvciBzZXJ2aWNlIFtzM2V4cHJlc3NdKGh0dHBzOi8vZG9jcy5hd3MuYW1hem9uLmNvbS9zZXJ2aWNlLWF1dGhvcml6YXRpb24vbGF0ZXN0L3JlZmVyZW5jZS9saXN0X2FtYXpvbnMzZXhwcmVzcy5odG1sKS5cbiAqXG4gKiBAcGFyYW0gc2lkIFtTSURdKGh0dHBzOi8vZG9jcy5hd3MuYW1hem9uLmNvbS9JQU0vbGF0ZXN0L1VzZXJHdWlkZS9yZWZlcmVuY2VfcG9saWNpZXNfZWxlbWVudHNfc2lkLmh0bWwpIG9mIHRoZSBzdGF0ZW1lbnRcbiAqL1xuZXhwb3J0IGNsYXNzIFMzZXhwcmVzcyBleHRlbmRzIFBvbGljeVN0YXRlbWVudCB7XG4gIHB1YmxpYyBzZXJ2aWNlUHJlZml4ID0gJ3MzZXhwcmVzcyc7XG5cbiAgLyoqXG4gICAqIFN0YXRlbWVudCBwcm92aWRlciBmb3Igc2VydmljZSBbczNleHByZXNzXShodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vc2VydmljZS1hdXRob3JpemF0aW9uL2xhdGVzdC9yZWZlcmVuY2UvbGlzdF9hbWF6b25zM2V4cHJlc3MuaHRtbCkuXG4gICAqXG4gICAqIEBwYXJhbSBzaWQgW1NJRF0oaHR0cHM6Ly9kb2NzLmF3cy5hbWF6b24uY29tL0lBTS9sYXRlc3QvVXNlckd1aWRlL3JlZmVyZW5jZV9wb2xpY2llc19lbGVtZW50c19zaWQuaHRtbCkgb2YgdGhlIHN0YXRlbWVudFxuICAgKi9cbiAgY29uc3RydWN0b3Ioc2lkPzogc3RyaW5nKSB7XG4gICAgc3VwZXIoc2lkKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBHcmFudHMgcGVybWlzc2lvbiB0byBjcmVhdGUgYSBuZXcgYWNjZXNzIHBvaW50XG4gICAqXG4gICAqIEFjY2VzcyBMZXZlbDogV3JpdGVcbiAgICpcbiAgICogUG9zc2libGUgY29uZGl0aW9uczpcbiAgICogLSAuaWZEYXRhQWNjZXNzUG9pbnRBY2NvdW50KClcbiAgICogLSAuaWZEYXRhQWNjZXNzUG9pbnRBcm4oKVxuICAgKiAtIC5pZkFjY2Vzc1BvaW50TmV0d29ya09yaWdpbigpXG4gICAqIC0gLmlmQXV0aFR5cGUoKVxuICAgKiAtIC5pZkxvY2F0aW9uTmFtZSgpXG4gICAqIC0gLmlmUmVzb3VyY2VBY2NvdW50KClcbiAgICogLSAuaWZTaWduYXR1cmV2ZXJzaW9uKClcbiAgICogLSAuaWZUbHNWZXJzaW9uKClcbiAgICogLSAuaWZYQW16Q29udGVudFNoYTI1NigpXG4gICAqIC0gLmlmQXdzUmVxdWVzdFRhZygpXG4gICAqIC0gLmlmQXdzVGFnS2V5cygpXG4gICAqXG4gICAqIGh0dHBzOi8vZG9jcy5hd3MuYW1hem9uLmNvbS9BbWF6b25TMy9sYXRlc3QvQVBJL0FQSV9jb250cm9sX0NyZWF0ZUFjY2Vzc1BvaW50Lmh0bWxcbiAgICovXG4gIHB1YmxpYyB0b0NyZWF0ZUFjY2Vzc1BvaW50KCkge1xuICAgIHJldHVybiB0aGlzLnRvKCdDcmVhdGVBY2Nlc3NQb2ludCcpO1xuICB9XG5cbiAgLyoqXG4gICAqIEdyYW50cyBwZXJtaXNzaW9uIHRvIGNyZWF0ZSBhIG5ldyBidWNrZXRcbiAgICpcbiAgICogQWNjZXNzIExldmVsOiBXcml0ZVxuICAgKlxuICAgKiBQb3NzaWJsZSBjb25kaXRpb25zOlxuICAgKiAtIC5pZkF1dGhUeXBlKClcbiAgICogLSAuaWZMb2NhdGlvbk5hbWUoKVxuICAgKiAtIC5pZlJlc291cmNlQWNjb3VudCgpXG4gICAqIC0gLmlmU2lnbmF0dXJldmVyc2lvbigpXG4gICAqIC0gLmlmVGxzVmVyc2lvbigpXG4gICAqIC0gLmlmWEFtekNvbnRlbnRTaGEyNTYoKVxuICAgKiAtIC5pZkF3c1JlcXVlc3RUYWcoKVxuICAgKiAtIC5pZkF3c1RhZ0tleXMoKVxuICAgKlxuICAgKiBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vQW1hem9uUzMvbGF0ZXN0L0FQSS9BUElfQ3JlYXRlQnVja2V0Lmh0bWxcbiAgICovXG4gIHB1YmxpYyB0b0NyZWF0ZUJ1Y2tldCgpIHtcbiAgICByZXR1cm4gdGhpcy50bygnQ3JlYXRlQnVja2V0Jyk7XG4gIH1cblxuICAvKipcbiAgICogR3JhbnRzIHBlcm1pc3Npb24gdG8gQ3JlYXRlIFNlc3Npb24gdG9rZW4gd2hpY2ggaXMgdXNlZCBmb3Igb2JqZWN0IEFQSXMgc3VjaCBhcyBQdXRPYmplY3QsIEdldE9iamVjdCwgZXRjXG4gICAqXG4gICAqIEFjY2VzcyBMZXZlbDogV3JpdGVcbiAgICpcbiAgICogUG9zc2libGUgY29uZGl0aW9uczpcbiAgICogLSAuaWZBdXRoVHlwZSgpXG4gICAqIC0gLmlmUmVzb3VyY2VBY2NvdW50KClcbiAgICogLSAuaWZTZXNzaW9uTW9kZSgpXG4gICAqIC0gLmlmU2lnbmF0dXJlQWdlKClcbiAgICogLSAuaWZTaWduYXR1cmV2ZXJzaW9uKClcbiAgICogLSAuaWZUbHNWZXJzaW9uKClcbiAgICogLSAuaWZYQW16Q29udGVudFNoYTI1NigpXG4gICAqIC0gLmlmWEFtelNlcnZlclNpZGVFbmNyeXB0aW9uKClcbiAgICogLSAuaWZYQW16U2VydmVyU2lkZUVuY3J5cHRpb25Bd3NLbXNLZXlJZCgpXG4gICAqIC0gLmlmQWxsQWNjZXNzUmVzdHJpY3RlZFRvTG9jYWxab25lR3JvdXAoKVxuICAgKiAtIC5pZlBlcm1pc3Npb25zKClcbiAgICpcbiAgICogaHR0cHM6Ly9kb2NzLmF3cy5hbWF6b24uY29tL0FtYXpvblMzL2xhdGVzdC9BUEkvQVBJX0NyZWF0ZVNlc3Npb24uaHRtbFxuICAgKi9cbiAgcHVibGljIHRvQ3JlYXRlU2Vzc2lvbigpIHtcbiAgICByZXR1cm4gdGhpcy50bygnQ3JlYXRlU2Vzc2lvbicpO1xuICB9XG5cbiAgLyoqXG4gICAqIEdyYW50cyBwZXJtaXNzaW9uIHRvIGRlbGV0ZSB0aGUgYWNjZXNzIHBvaW50IG5hbWVkIGluIHRoZSBVUklcbiAgICpcbiAgICogQWNjZXNzIExldmVsOiBXcml0ZVxuICAgKlxuICAgKiBQb3NzaWJsZSBjb25kaXRpb25zOlxuICAgKiAtIC5pZkRhdGFBY2Nlc3NQb2ludEFjY291bnQoKVxuICAgKiAtIC5pZkRhdGFBY2Nlc3NQb2ludEFybigpXG4gICAqIC0gLmlmQWNjZXNzUG9pbnROZXR3b3JrT3JpZ2luKClcbiAgICogLSAuaWZBdXRoVHlwZSgpXG4gICAqIC0gLmlmUmVzb3VyY2VBY2NvdW50KClcbiAgICogLSAuaWZTaWduYXR1cmV2ZXJzaW9uKClcbiAgICogLSAuaWZUbHNWZXJzaW9uKClcbiAgICogLSAuaWZYQW16Q29udGVudFNoYTI1NigpXG4gICAqXG4gICAqIGh0dHBzOi8vZG9jcy5hd3MuYW1hem9uLmNvbS9BbWF6b25TMy9sYXRlc3QvQVBJL0FQSV9jb250cm9sX0RlbGV0ZUFjY2Vzc1BvaW50Lmh0bWxcbiAgICovXG4gIHB1YmxpYyB0b0RlbGV0ZUFjY2Vzc1BvaW50KCkge1xuICAgIHJldHVybiB0aGlzLnRvKCdEZWxldGVBY2Nlc3NQb2ludCcpO1xuICB9XG5cbiAgLyoqXG4gICAqIEdyYW50cyBwZXJtaXNzaW9uIHRvIGRlbGV0ZSB0aGUgcG9saWN5IG9uIGEgc3BlY2lmaWVkIGFjY2VzcyBwb2ludFxuICAgKlxuICAgKiBBY2Nlc3MgTGV2ZWw6IFBlcm1pc3Npb25zIG1hbmFnZW1lbnRcbiAgICpcbiAgICogUG9zc2libGUgY29uZGl0aW9uczpcbiAgICogLSAuaWZEYXRhQWNjZXNzUG9pbnRBY2NvdW50KClcbiAgICogLSAuaWZEYXRhQWNjZXNzUG9pbnRBcm4oKVxuICAgKiAtIC5pZkFjY2Vzc1BvaW50TmV0d29ya09yaWdpbigpXG4gICAqIC0gLmlmQXV0aFR5cGUoKVxuICAgKiAtIC5pZlJlc291cmNlQWNjb3VudCgpXG4gICAqIC0gLmlmU2lnbmF0dXJldmVyc2lvbigpXG4gICAqIC0gLmlmVGxzVmVyc2lvbigpXG4gICAqIC0gLmlmWEFtekNvbnRlbnRTaGEyNTYoKVxuICAgKlxuICAgKiBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vQW1hem9uUzMvbGF0ZXN0L0FQSS9BUElfY29udHJvbF9EZWxldGVBY2Nlc3NQb2ludFBvbGljeS5odG1sXG4gICAqL1xuICBwdWJsaWMgdG9EZWxldGVBY2Nlc3NQb2ludFBvbGljeSgpIHtcbiAgICByZXR1cm4gdGhpcy50bygnRGVsZXRlQWNjZXNzUG9pbnRQb2xpY3knKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBHcmFudHMgcGVybWlzc2lvbiB0byBkZWxldGUgdGhlIHNjb3BlIGNvbmZpZ3VyYXRpb24gb24gYSBzcGVjaWZpZWQgYWNjZXNzIHBvaW50XG4gICAqXG4gICAqIEFjY2VzcyBMZXZlbDogUGVybWlzc2lvbnMgbWFuYWdlbWVudFxuICAgKlxuICAgKiBQb3NzaWJsZSBjb25kaXRpb25zOlxuICAgKiAtIC5pZkRhdGFBY2Nlc3NQb2ludEFjY291bnQoKVxuICAgKiAtIC5pZkRhdGFBY2Nlc3NQb2ludEFybigpXG4gICAqIC0gLmlmQWNjZXNzUG9pbnROZXR3b3JrT3JpZ2luKClcbiAgICogLSAuaWZBdXRoVHlwZSgpXG4gICAqIC0gLmlmUmVzb3VyY2VBY2NvdW50KClcbiAgICogLSAuaWZTaWduYXR1cmV2ZXJzaW9uKClcbiAgICogLSAuaWZUbHNWZXJzaW9uKClcbiAgICogLSAuaWZYQW16Q29udGVudFNoYTI1NigpXG4gICAqXG4gICAqIGh0dHBzOi8vZG9jcy5hd3MuYW1hem9uLmNvbS9BbWF6b25TMy9sYXRlc3QvQVBJL0FQSV9jb250cm9sX0RlbGV0ZUFjY2Vzc1BvaW50U2NvcGUuaHRtbFxuICAgKi9cbiAgcHVibGljIHRvRGVsZXRlQWNjZXNzUG9pbnRTY29wZSgpIHtcbiAgICByZXR1cm4gdGhpcy50bygnRGVsZXRlQWNjZXNzUG9pbnRTY29wZScpO1xuICB9XG5cbiAgLyoqXG4gICAqIEdyYW50cyBwZXJtaXNzaW9uIHRvIGRlbGV0ZSB0aGUgYnVja2V0IG5hbWVkIGluIHRoZSBVUklcbiAgICpcbiAgICogQWNjZXNzIExldmVsOiBXcml0ZVxuICAgKlxuICAgKiBQb3NzaWJsZSBjb25kaXRpb25