import { AccessLevelList } from '../../shared/access-level';
import { PolicyStatement } from '../../shared';
/**
* Statement provider for service [securityagent](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecurityagent.html).
*
* Every `to*()` and `on*()` method returns `this`, so calls can be chained on one statement.
*
* Review notes for policy authors:
* - The per-action comments in this declaration list access levels and dependent actions only, not the
*   resource types or condition keys an action supports. Check the service authorization reference linked
*   above before relying on an `on*()` resource to restrict a particular action.
* - The `on*()` methods document `account` and `region` as defaulting to `*` outside the CDK. Pass explicit
*   values when the statement should be limited to one account or region.
*
* @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement
*/
export declare class Securityagent extends PolicyStatement {
// IAM service prefix for this provider. The value is assigned in the implementation and is not
// visible in this declaration.
servicePrefix: string;
/**
* Creates a statement for service [securityagent](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecurityagent.html).
*
* @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement
*/
constructor(sid?: string);
/**
* Grants permission to add an Artifact for the given Agent Instance
*
* Access Level: Write
*
* https://docs.aws.amazon.com/securityagent/API_AddArtifact.html
*/
toAddArtifact(): this;
/**
* Grants permission to add a customer managed Control
*
* Access Level: Write
*
* https://docs.aws.amazon.com/securityagent/API_AddControl.html
*/
toAddControl(): this;
/**
* Grants permission to delete multiple penetration tests in a single request
*
* Access Level: Write
*
* https://docs.aws.amazon.com/securityagent/API_BatchDeletePentests.html
*/
toBatchDeletePentests(): this;
/**
* Grants permission to retrieve multiple agent instances in a single request
*
* Access Level: Read
*
* https://docs.aws.amazon.com/securityagent/API_BatchGetAgentInstances.html
*/
toBatchGetAgentInstances(): this;
/**
* Grants permission to retrieve one or more Artifact Metadata records for the given Agent Instance
*
* Access Level: Read
*
* https://docs.aws.amazon.com/securityagent/API_BatchGetArtifactMetadata.html
*/
toBatchGetArtifactMetadata(): this;
/**
* Grants permission to retrieve multiple security testing findings in a single request
*
* Access Level: Read
*
* https://docs.aws.amazon.com/securityagent/API_BatchGetFindings.html
*/
toBatchGetFindings(): this;
/**
* Grants permission to retrieve multiple security testing jobs in a single request
*
* Access Level: Read
*
* https://docs.aws.amazon.com/securityagent/API_BatchGetPentestJobs.html
*/
toBatchGetPentestJobs(): this;
/**
* Grants permission to retrieve multiple penetration tests in a single request
*
* Access Level: Read
*
* https://docs.aws.amazon.com/securityagent/API_BatchGetPentests.html
*/
toBatchGetPentests(): this;
/**
* Grants permission to retrieve multiple security testing contents metadata in a single request
*
* Access Level: Read
*
* https://docs.aws.amazon.com/securityagent/API_BatchGetSecurityTestContentMetadata.html
*/
toBatchGetSecurityTestContentMetadata(): this;
/**
* Grants permission to retrieve multiple security testing tasks in a single request
*
* Access Level: Read
*
* https://docs.aws.amazon.com/securityagent/API_BatchGetTasks.html
*/
toBatchGetTasks(): this;
/**
* Grants permission to create an agent instance record
*
* Access Level: Write
*
* https://docs.aws.amazon.com/securityagent/API_CreateAgentInstance.html
*/
toCreateAgentInstance(): this;
/**
* Grants permission to create a new application
*
* Access Level: Write
*
* Dependent actions:
* - iam:PassRole
* - sso:CreateApplication
*
* NOTE(review): the dependent actions may also have to be allowed for the call to succeed. When granting
* `iam:PassRole`, scope it to the specific role ARN(s), ideally with an `iam:PassedToService` condition,
* rather than to `*`.
*
* https://docs.aws.amazon.com/securityagent/API_CreateApplication.html
*/
toCreateApplication(): this;
/**
* Grants permission to create a document review
*
* Access Level: Write
*
* https://docs.aws.amazon.com/securityagent/API_CreateDocumentReview.html
*/
toCreateDocumentReview(): this;
/**
* Grants permission to create a security testing integration
*
* Access Level: Write
*
* https://docs.aws.amazon.com/securityagent/API_CreateIntegration.html
*/
toCreateIntegration(): this;
/**
* Grants permission to add a single member to an agent instance with specified role
*
* Access Level: Write
*
* NOTE(review): this action assigns a role within the agent instance, so it grants access to others;
* limit which principals receive it.
*
* https://docs.aws.amazon.com/securityagent/API_CreateMembership.html
*/
toCreateMembership(): this;
/**
* Grants permission to create a one time login session
*
* Access Level: Write
*
* NOTE(review): review this together with `toGetLoginSessionCredentials()` and
* `toHandleOneTimeLoginSession()` when deciding who may obtain a login session.
*
* https://docs.aws.amazon.com/securityagent/API_CreateOneTimeLoginSession.html
*/
toCreateOneTimeLoginSession(): this;
/**
* Grants permission to create a new penetration test configuration
*
* Access Level: Write
*
* https://docs.aws.amazon.com/securityagent/API_CreatePentest.html
*/
toCreatePentest(): this;
/**
* Grants permission to delete an agent instance record
*
* Access Level: Write
*
* https://docs.aws.amazon.com/securityagent/API_DeleteAgentInstance.html
*/
toDeleteAgentInstance(): this;
/**
* Grants permission to delete an application
*
* Access Level: Write
*
* https://docs.aws.amazon.com/securityagent/API_DeleteApplication.html
*/
toDeleteApplication(): this;
/**
* Grants permission to delete an Artifact
*
* Access Level: Write
*
* https://docs.aws.amazon.com/securityagent/API_DeleteArtifact.html
*/
toDeleteArtifact(): this;
/**
* Grants permission to delete a customer managed Control
*
* Access Level: Write
*
* https://docs.aws.amazon.com/securityagent/API_DeleteControl.html
*/
toDeleteControl(): this;
/**
* Grants permission to delete the integration of an application
*
* Access Level: Write
*
* https://docs.aws.amazon.com/securityagent/API_DeleteIntegration.html
*/
toDeleteIntegration(): this;
/**
* Grants permission to remove a single member associated to an agent instance
*
* Access Level: Write
*
* https://docs.aws.amazon.com/securityagent/API_DeleteMembership.html
*/
toDeleteMembership(): this;
/**
* Grants permission to retrieve security findings for a penetration test or security testing tasks in a penetration test
*
* Access Level: Read
*
* https://docs.aws.amazon.com/securityagent/API_DescribeFindings.html
*/
toDescribeFindings(): this;
/**
* Grants permission to get application details by application ID
*
* Access Level: Read
*
* https://docs.aws.amazon.com/securityagent/API_GetApplication.html
*/
toGetApplication(): this;
/**
* Grants permission to retrieve an Artifact for the given Agent Instance
*
* Access Level: Read
*
* https://docs.aws.amazon.com/securityagent/API_GetArtifact.html
*/
toGetArtifact(): this;
/**
* Grants permission to retrieve a Code Review Task
*
* Access Level: Read
*
* https://docs.aws.amazon.com/securityagent/API_GetCodeReviewTask.html
*/
toGetCodeReviewTask(): this;
/**
* Grants permission to retrieve a Control
*
* Access Level: Read
*
* https://docs.aws.amazon.com/securityagent/API_GetControl.html
*/
toGetControl(): this;
/**
* Grants permission to retrieve a document review task
*
* Access Level: Read
*
* https://docs.aws.amazon.com/securityagent/API_GetDocReviewTask.html
*/
toGetDocReviewTask(): this;
/**
* Grants permission to get the status of the associated agent instance document review
*
* Access Level: Read
*
* https://docs.aws.amazon.com/securityagent/API_GetDocumentReview.html
*/
toGetDocumentReview(): this;
/**
* Grants permission to get document review artifact for a specific document
*
* Access Level: Read
*
* https://docs.aws.amazon.com/securityagent/API_GetDocumentReviewArtifact.html
*/
toGetDocumentReviewArtifact(): this;
/**
* Grants permission to get the integration metadata by ID
*
* Access Level: Read
*
* https://docs.aws.amazon.com/securityagent/API_GetIntegration.html
*/
toGetIntegration(): this;
/**
* Grants permission to retrieve credentials for a one time login session
*
* Access Level: Read
*
* NOTE(review): the access level is Read, but the action returns login session credentials. Grant it
* deliberately rather than as part of a blanket read-only policy.
*
* https://docs.aws.amazon.com/securityagent/API_GetLoginSessionCredentials.html
*/
toGetLoginSessionCredentials(): this;
/**
* Grants permission to process and invalidate a one time login session
*
* Access Level: Write
*
* https://docs.aws.amazon.com/securityagent/API_HandleOneTimeLoginSession.html
*/
toHandleOneTimeLoginSession(): this;
/**
* Grants permission to initiate the registration of Security Agent App for the given provider (e.g. GitHub)
*
* Access Level: Write
*
* https://docs.aws.amazon.com/securityagent/API_InitiateProviderRegistration.html
*/
toInitiateProviderRegistration(): this;
/**
* Grants permission to list tasks for a specific agent instance
*
* Access Level: List
*
* https://docs.aws.amazon.com/securityagent/API_ListAgentInstanceTasks.html
*/
toListAgentInstanceTasks(): this;
/**
* Grants permission to list agent instances
*
* Access Level: List
*
* https://docs.aws.amazon.com/securityagent/API_ListAgentInstances.html
*/
toListAgentInstances(): this;
/**
* Grants permission to list all applications in the account
*
* Access Level: List
*
* https://docs.aws.amazon.com/securityagent/API_ListApplications.html
*/
toListApplications(): this;
/**
* Grants permission to list all artifacts for the given project
*
* Access Level: List
*
* https://docs.aws.amazon.com/securityagent/API_ListArtifacts.html
*/
toListArtifacts(): this;
/**
* Grants permission to list all Controls
*
* Access Level: List
*
* https://docs.aws.amazon.com/securityagent/API_ListControls.html
*/
toListControls(): this;
/**
* Grants permission to list discovered endpoints associated with a pentest job with optional URI prefix filtering
*
* Access Level: List
*
* https://docs.aws.amazon.com/securityagent/API_ListDiscoveredEndpoints.html
*/
toListDiscoveredEndpoints(): this;
/**
* Grants permission to list document review comments
*
* Access Level: List
*
* https://docs.aws.amazon.com/securityagent/API_ListDocumentReviewComments.html
*/
toListDocumentReviewComments(): this;
/**
* Grants permission to list all document reviews for the given project
*
* Access Level: List
*
* https://docs.aws.amazon.com/securityagent/API_ListDocumentReviews.html
*/
toListDocumentReviews(): this;
/**
* Grants permission to list findings with filtering and pagination support
*
* Access Level: List
*
* https://docs.aws.amazon.com/securityagent/API_ListFindings.html
*/
toListFindings(): this;
/**
* Grants permission to list integrated resources for an agent instance
*
* Access Level: List
*
* https://docs.aws.amazon.com/securityagent/API_ListIntegratedResources.html
*/
toListIntegratedResources(): this;
/**
* Grants permission to get the integrations owned by the caller's AWS account
*
* Access Level: List
*
* https://docs.aws.amazon.com/securityagent/API_ListIntegrations.html
*/
toListIntegrations(): this;
/**
* Grants permission to list all members associated to an agent instance with pagination support
*
* Access Level: List
*
* https://docs.aws.amazon.com/securityagent/API_ListMemberships.html
*/
toListMemberships(): this;
/**
* Grants permission to list penetration test jobs associated with a penetration test
*
* Access Level: List
*
* https://docs.aws.amazon.com/securityagent/API_ListPentestJobsForPentest.html
*/
toListPentestJobsForPentest(): this;
/**
* Grants permission to list penetration tests with optional filtering by status
*
* Access Level: List
*
* https://docs.aws.amazon.com/securityagent/API_ListPentests.html
*/
toListPentests(): this;
/**
* Grants permission to list resources from Integration
*
* Access Level: List
*
* https://docs.aws.amazon.com/securityagent/API_ListResourcesFromIntegration.html
*/
toListResourcesFromIntegration(): this;
/**
* Grants permission to list security testing tasks associated with a pentest job
*
* Access Level: List
*
* https://docs.aws.amazon.com/securityagent/API_ListTasks.html
*/
toListTasks(): this;
/**
* Grants permission to start code remediation for the findings
*
* Access Level: Write
*
* https://docs.aws.amazon.com/securityagent/API_StartCodeRemediation.html
*/
toStartCodeRemediation(): this;
/**
* Grants permission to initiate the execution of a penetration test
*
* Access Level: Write
*
* NOTE(review): this is the action that starts a test run. Where separation of duties is wanted, grant it
* separately from the configuration actions (`toCreatePentest()`, `toUpdatePentest()`).
*
* https://docs.aws.amazon.com/securityagent/API_StartPentestExecution.html
*/
toStartPentestExecution(): this;
/**
* Grants permission to stop the execution of a running penetration test
*
* Access Level: Write
*
* https://docs.aws.amazon.com/securityagent/API_StopPentestExecution.html
*/
toStopPentestExecution(): this;
/**
* Grants permission to toggle the status (of a managed Control, going by the action name)
*
* Access Level: Write
*
* https://docs.aws.amazon.com/securityagent/API_ToggleManagedControl.html
*/
toToggleManagedControl(): this;
/**
* Grants permission to update an agent instance record
*
* Access Level: Write
*
* https://docs.aws.amazon.com/securityagent/API_UpdateAgentInstance.html
*/
toUpdateAgentInstance(): this;
/**
* Grants permission to update application configuration
*
* Access Level: Write
*
* Dependent actions:
* - iam:PassRole
*
* NOTE(review): when granting the dependent `iam:PassRole`, scope it to the specific role ARN(s), ideally
* with an `iam:PassedToService` condition, rather than to `*`.
*
* https://docs.aws.amazon.com/securityagent/API_UpdateApplication.html
*/
toUpdateApplication(): this;
/**
* Grants permission to update a customer managed Control
*
* Access Level: Write
*
* https://docs.aws.amazon.com/securityagent/API_UpdateControl.html
*/
toUpdateControl(): this;
/**
* Grants permission to update an existing security finding with new details or status
*
* Access Level: Write
*
* NOTE(review): holders can change a finding's details or status. Where findings feed triage or audit
* records, decide who is allowed to alter them.
*
* https://docs.aws.amazon.com/securityagent/API_UpdateFinding.html
*/
toUpdateFinding(): this;
/**
* Grants permission to update integrated resources for an agent instance
*
* Access Level: Write
*
* https://docs.aws.amazon.com/securityagent/API_UpdateIntegratedResources.html
*/
toUpdateIntegratedResources(): this;
/**
* Grants permission to update an existing penetration test with new configuration or settings
*
* Access Level: Write
*
* https://docs.aws.amazon.com/securityagent/API_UpdatePentest.html
*/
toUpdatePentest(): this;
/**
* Grants permission to verify ownership for a registered target domain in an agent instance
*
* Access Level: Write
*
* https://docs.aws.amazon.com/securityagent/API_VerifyTargetDomain.html
*/
toVerifyTargetDomain(): this;
// Access-level list for this service's actions. NOTE(review): presumably consumed by access-level
// selectors in the PolicyStatement base class. If so, confirm which level carries
// GetLoginSessionCredentials (documented above as Read) before using a read-level selector.
protected accessLevelList: AccessLevelList;
/**
* Adds a resource of type Application to the statement
*
* https://docs.aws.amazon.com/securityagent/latest/userguide/auth-and-access-control-iam-access-control-identity-based.html#arn-formats
*
* @param applicationId - Identifier for the applicationId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*/
onApplication(applicationId: string, account?: string, region?: string, partition?: string): this;
/**
* Adds a resource of type Control to the statement
*
* https://docs.aws.amazon.com/securityagent/latest/userguide/auth-and-access-control-iam-access-control-identity-based.html#arn-formats
*
* @param controlId - Identifier for the controlId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*/
onControl(controlId: string, account?: string, region?: string, partition?: string): this;
/**
* Adds a resource of type Integration to the statement
*
* https://docs.aws.amazon.com/securityagent/latest/userguide/auth-and-access-control-iam-access-control-identity-based.html#arn-formats
*
* @param integrationId - Identifier for the integrationId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*/
onIntegration(integrationId: string, account?: string, region?: string, partition?: string): this;
/**
* Adds a resource of type AgentInstance to the statement
*
* https://docs.aws.amazon.com/securityagent/latest/userguide/auth-and-access-control-iam-access-control-identity-based.html#arn-formats
*
* @param agentId - Identifier for the agentId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*/
onAgentInstance(agentId: string, account?: string, region?: string, partition?: string): this;
/**
* Adds a resource of type Artifact to the statement
*
* https://docs.aws.amazon.com/securityagent/latest/userguide/auth-and-access-control-iam-access-control-identity-based.html#arn-formats
*
* @param agentId - Identifier for the agentId.
* @param artifactId - Identifier for the artifactId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*/
onArtifact(agentId: string, artifactId: string, account?: string, region?: string, partition?: string): this;
/**
* Adds a resource of type Pentest to the statement
*
* https://docs.aws.amazon.com/securityagent/latest/userguide/auth-and-access-control-iam-access-control-identity-based.html#arn-formats
*
* @param agentId - Identifier for the agentId.
* @param pentestId - Identifier for the pentestId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*/
onPentest(agentId: string, pentestId: string, account?: string, region?: string, partition?: string): this;
/**
* Adds a resource of type PentestJob to the statement
*
* https://docs.aws.amazon.com/securityagent/latest/userguide/auth-and-access-control-iam-access-control-identity-based.html#arn-formats
*
* @param agentId - Identifier for the agentId.
* @param jobId - Identifier for the jobId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*/
onPentestJob(agentId: string, jobId: string, account?: string, region?: string, partition?: string): this;
/**
* Adds a resource of type PentestTask to the statement
*
* https://docs.aws.amazon.com/securityagent/latest/userguide/auth-and-access-control-iam-access-control-identity-based.html#arn-formats
*
* @param agentId - Identifier for the agentId.
* @param taskId - Identifier for the taskId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*/
onPentestTask(agentId: string, taskId: string, account?: string, region?: string, partition?: string): this;
/**
* Adds a resource of type Finding to the statement
*
* https://docs.aws.amazon.com/securityagent/latest/userguide/auth-and-access-control-iam-access-control-identity-based.html#arn-formats
*
* @param agentId - Identifier for the agentId.
* @param findingId - Identifier for the findingId.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*/
onFinding(agentId: string, findingId: string, account?: string, region?: string, partition?: string): this;
}