iam-floyd
Version:
AWS IAM policy statement generator with fluent interface
367 lines (366 loc) • 13.4 kB
TypeScript
import { AccessLevelList } from '../../shared/access-level';
import { PolicyStatement, Operator } from '../../shared';
/**
* Statement provider for service [worklink](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonworklink.html).
*
* @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement
*/
export declare class Worklink extends PolicyStatement {
servicePrefix: string;
/**
* Statement provider for service [worklink](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonworklink.html).
*
* @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement
*/
constructor(sid?: string);
/**
* Grants permission to associate a domain with an Amazon WorkLink fleet
*
* Access Level: Write
*
* https://docs.aws.amazon.com/worklink/latest/api/API_AssociateDomain.html
*/
toAssociateDomain(): this;
/**
* Grants permission to associate a website authorization provider with an Amazon WorkLink fleet
*
* Access Level: Write
*
* https://docs.aws.amazon.com/worklink/latest/api/API_AssociateWebsiteAuthorizationProvider.html
*/
toAssociateWebsiteAuthorizationProvider(): this;
/**
* Grants permission to associate a website certificate authority with an Amazon WorkLink fleet
*
* Access Level: Write
*
* https://docs.aws.amazon.com/worklink/latest/api/API_AssociateWebsiteCertificateAuthority.html
*/
toAssociateWebsiteCertificateAuthority(): this;
/**
* Grants permission to create an Amazon WorkLink fleet
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/worklink/latest/api/API_CreateFleet.html
*/
toCreateFleet(): this;
/**
* Grants permission to delete an Amazon WorkLink fleet
*
* Access Level: Write
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/worklink/latest/api/API_DeleteFleet.html
*/
toDeleteFleet(): this;
/**
* Grants permission to describe the audit stream configuration for an Amazon WorkLink fleet
*
* Access Level: Read
*
* https://docs.aws.amazon.com/worklink/latest/api/API_DescribeAuditStreamConfiguration.html
*/
toDescribeAuditStreamConfiguration(): this;
/**
* Grants permission to describe the company network configuration for an Amazon WorkLink fleet
*
* Access Level: Read
*
* https://docs.aws.amazon.com/worklink/latest/api/API_DescribeCompanyNetworkConfiguration.html
*/
toDescribeCompanyNetworkConfiguration(): this;
/**
* Grants permission to describe details of a device associated with an Amazon WorkLink fleet
*
* Access Level: Read
*
* https://docs.aws.amazon.com/worklink/latest/api/API_DescribeDevice.html
*/
toDescribeDevice(): this;
/**
* Grants permission to describe the device policy configuration for an Amazon WorkLink fleet
*
* Access Level: Read
*
* https://docs.aws.amazon.com/worklink/latest/api/API_DescribeDevicePolicyConfiguration.html
*/
toDescribeDevicePolicyConfiguration(): this;
/**
* Grants permission to describe details about a domain associated with an Amazon WorkLink fleet
*
* Access Level: Read
*
* https://docs.aws.amazon.com/worklink/latest/api/API_DescribeDomain.html
*/
toDescribeDomain(): this;
/**
* Grants permission to describe metadata of an Amazon WorkLink fleet
*
* Access Level: Read
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/worklink/latest/api/API_DescribeFleetMetadata.html
*/
toDescribeFleetMetadata(): this;
/**
* Grants permission to describe the identity provider configuration for an Amazon WorkLink fleet
*
* Access Level: Read
*
* https://docs.aws.amazon.com/worklink/latest/api/API_DescribeIdentityProviderConfiguration.html
*/
toDescribeIdentityProviderConfiguration(): this;
/**
* Grants permission to describe a website certificate authority associated with an Amazon WorkLink fleet
*
* Access Level: Read
*
* https://docs.aws.amazon.com/worklink/latest/api/API_DescribeWebsiteCertificateAuthority.html
*/
toDescribeWebsiteCertificateAuthority(): this;
/**
* Grants permission to disassociate a domain from an Amazon WorkLink fleet
*
* Access Level: Write
*
* https://docs.aws.amazon.com/worklink/latest/api/API_DisassociateDomain.html
*/
toDisassociateDomain(): this;
/**
* Grants permission to disassociate a website authorization provider from an Amazon WorkLink fleet
*
* Access Level: Write
*
* https://docs.aws.amazon.com/worklink/latest/api/API_DisassociateWebsiteAuthorizationProvider.html
*/
toDisassociateWebsiteAuthorizationProvider(): this;
/**
* Grants permission to disassociate a website certificate authority from an Amazon WorkLink fleet
*
* Access Level: Write
*
* https://docs.aws.amazon.com/worklink/latest/api/API_DisassociateWebsiteCertificateAuthority.html
*/
toDisassociateWebsiteCertificateAuthority(): this;
/**
* Grants permission to list the devices associated with an Amazon WorkLink fleet
*
* Access Level: List
*
* https://docs.aws.amazon.com/worklink/latest/api/API_ListDevices.html
*/
toListDevices(): this;
/**
* Grants permission to list the associated domains for an Amazon WorkLink fleet
*
* Access Level: List
*
* https://docs.aws.amazon.com/worklink/latest/api/API_ListDomains.html
*/
toListDomains(): this;
/**
* Grants permission to list the Amazon WorkLink fleets associated with the account
*
* Access Level: List
*
* https://docs.aws.amazon.com/worklink/latest/api/API_ListFleets.html
*/
toListFleets(): this;
/**
* Grants permission to list tags for a resource
*
* Access Level: Read
*
* https://docs.aws.amazon.com/worklink/latest/api/API_ListTagsForResource.html
*/
toListTagsForResource(): this;
/**
* Grants permission to list the website authorization providers for an Amazon WorkLink fleet
*
* Access Level: List
*
* https://docs.aws.amazon.com/worklink/latest/api/API_ListWebsiteAuthorizationProviders.html
*/
toListWebsiteAuthorizationProviders(): this;
/**
* Grants permission to list the website certificate authorities associated with an Amazon WorkLink fleet
*
* Access Level: List
*
* https://docs.aws.amazon.com/worklink/latest/api/API_ListWebsiteCertificateAuthorities.html
*/
toListWebsiteCertificateAuthorities(): this;
/**
* Grants permission to restore access to a domain associated with an Amazon WorkLink fleet
*
* Access Level: Write
*
* https://docs.aws.amazon.com/worklink/latest/api/API_RestoreDomainAccess.html
*/
toRestoreDomainAccess(): this;
/**
* Grants permission to revoke access to a domain associated with an Amazon WorkLink fleet
*
* Access Level: Write
*
* https://docs.aws.amazon.com/worklink/latest/api/API_RevokeDomainAccess.html
*/
toRevokeDomainAccess(): this;
/**
* Grants permission to list devices for an Amazon WorkLink fleet
*
* Access Level: List
*
* https://docs.aws.amazon.com/worklink/latest/ag/manage-devices.html
*/
toSearchEntity(): this;
/**
* Grants permission to sign out a user from an Amazon WorkLink fleet
*
* Access Level: Write
*
* https://docs.aws.amazon.com/worklink/latest/api/API_SignOutUser.html
*/
toSignOutUser(): this;
/**
* Grants permission to add one or more tags to a resource
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAwsRequestTag()
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/worklink/latest/api/API_TagResource.html
*/
toTagResource(): this;
/**
* Grants permission to remove one or more tags from a resource
*
* Access Level: Tagging
*
* Possible conditions:
* - .ifAwsTagKeys()
*
* https://docs.aws.amazon.com/worklink/latest/api/API_UntagResource.html
*/
toUntagResource(): this;
/**
* Grants permission to update the audit stream configuration for an Amazon WorkLink fleet
*
* Access Level: Write
*
* https://docs.aws.amazon.com/worklink/latest/api/API_UpdateAuditStreamConfiguration.html
*/
toUpdateAuditStreamConfiguration(): this;
/**
* Grants permission to update the company network configuration for an Amazon WorkLink fleet
*
* Access Level: Write
*
* https://docs.aws.amazon.com/worklink/latest/api/API_UpdateCompanyNetworkConfiguration.html
*/
toUpdateCompanyNetworkConfiguration(): this;
/**
* Grants permission to update the device policy configuration for an Amazon WorkLink fleet
*
* Access Level: Write
*
* https://docs.aws.amazon.com/worklink/latest/api/API_UpdateDevicePolicyConfiguration.html
*/
toUpdateDevicePolicyConfiguration(): this;
/**
* Grants permission to update the metadata for a domain associated with an Amazon WorkLink fleet
*
* Access Level: Write
*
* https://docs.aws.amazon.com/worklink/latest/api/API_UpdateDomainMetadata.html
*/
toUpdateDomainMetadata(): this;
/**
* Grants permission to update the metadata of an Amazon WorkLink fleet
*
* Access Level: Write
*
* https://docs.aws.amazon.com/worklink/latest/api/API_UpdateFleetMetadata.html
*/
toUpdateFleetMetadata(): this;
/**
* Grants permission to update the identity provider configuration for an Amazon WorkLink fleet
*
* Access Level: Write
*
* https://docs.aws.amazon.com/worklink/latest/api/API_UpdateIdentityProviderConfiguration.html
*/
toUpdateIdentityProviderConfiguration(): this;
protected accessLevelList: AccessLevelList;
/**
* Adds a resource of type fleet to the statement
*
* https://docs.aws.amazon.com/worklink/latest/api/API_CreateFleet.html
*
* @param fleetName - Identifier for the fleetName.
* @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
* @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
*
* Possible conditions:
* - .ifAwsResourceTag()
*/
onFleet(fleetName: string, account?: string, partition?: string): this;
/**
* Filters actions based on the presence of tag key-value pairs in the request
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag
*
* Applies to actions:
* - .toCreateFleet()
* - .toDeleteFleet()
* - .toDescribeFleetMetadata()
* - .toTagResource()
*
* @param tagKey The tag key to check
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsRequestTag(tagKey: string, value: string | string[], operator?: Operator | string): this;
/**
* Filters actions based on tag key-value pairs attached to the resource
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag
*
* Applies to resource types:
* - fleet
*
* @param tagKey The tag key to check
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsResourceTag(tagKey: string, value: string | string[], operator?: Operator | string): this;
/**
* Filters actions based on the presence of tag keys in the request
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys
*
* Applies to actions:
* - .toCreateFleet()
* - .toDeleteFleet()
* - .toDescribeFleetMetadata()
* - .toTagResource()
* - .toUntagResource()
*
* @param value The value(s) to check
* @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
*/
ifAwsTagKeys(value: string | string[], operator?: Operator | string): this;
}