cdk-iam-floyd 0.708.0 → 0.710.0

package/README.md

@@ -16,10 +16,10 @@
 <!-- stats -->
 Support for:
 
-- 419 Services
-- 18517 Actions
-- 1989 Resource Types
-- 1951 Condition keys
+- 421 Services
+- 18549 Actions
+- 1992 Resource Types
+- 1957 Condition keys
 <!-- /stats -->
 
 ![EXPERIMENTAL](https://img.shields.io/badge/stability-experimantal-orange?style=for-the-badge)**<br>This is an early version of the package. The API will change while I implement new features. Therefore make sure you use an exact version in your `package.json` before it reaches 1.0.0.**

package/lib/generated/aws-managed-policies/cdk-iam-floyd.d.ts

@@ -446,6 +446,8 @@ export declare class AwsManagedPolicy extends AwsManagedPolicyStatic {
     AmazonGrafanaServiceLinkedRolePolicy(): aws_iam.IManagedPolicy;
     /** Provides full access to use Amazon GuardDuty. */
     AmazonGuardDutyFullAccess(): aws_iam.IManagedPolicy;
+    /** Provides full access to use Amazon GuardDuty */
+    AmazonGuardDutyFullAccessV2(): aws_iam.IManagedPolicy;
     /** GuardDuty malware protection uses the service-linked role (SLR) named AWSServiceRoleForAmazonGuardDutyMalwareProtection. This service-linked role allows GuardDuty malware protection to perform agent-less scans to detect malware. It allows GuardDuty to create snapshots in your account, and share the snapshots with the GuardDuty service account to scan for malware. It evaluates these shared snapshots and includes the retrieved EC2 instance metadata in the GuardDuty Malware Protection findings. The AWSServiceRoleForAmazonGuardDutyMalwareProtection service-linked role trusts the malware-protection.guardduty.amazonaws.com service to assume the role. */
     AmazonGuardDutyMalwareProtectionServiceRolePolicy(): aws_iam.IManagedPolicy;
     /** Provides read only access to Amazon GuardDuty resources */
@@ -834,6 +836,8 @@ export declare class AwsManagedPolicy extends AwsManagedPolicyStatic {
     AmazonSageMakerPartnerServiceCatalogProductsLambdaServiceRolePolicy(): aws_iam.IManagedPolicy;
     /** This Amazon Managed Policy grants permissions commonly needed for use with Callback steps and Lambda steps in SageMaker Model Building Pipelines. It is added to the AmazonSageMaker-ExecutionRole that can be created when setting up SageMaker Studio. It can also be attached to any other role that will be used for authoring or executing pipelines. */
     AmazonSageMakerPipelinesIntegrations(): aws_iam.IManagedPolicy;
+    /** This policy will be used By SageMaker Unified Studios to create VPC related resources for QuickSight */
+    AmazonSageMakerQuickSightVPCPolicy(): aws_iam.IManagedPolicy;
     /** Provides read only access to Amazon SageMaker via the AWS Management Console and SDK. */
     AmazonSageMakerReadOnly(): aws_iam.IManagedPolicy;
     /** Service role policy used by the AWS APIGateway within the AWS ServiceCatalog provisioned products from Amazon SageMaker portfolio of products. Grants permissions to a set of related services including CloudWatch Logs and others. */
@@ -962,6 +966,8 @@ export declare class AwsManagedPolicy extends AwsManagedPolicyStatic {
     AmazonWorkSpacesServiceAccess(): aws_iam.IManagedPolicy;
     /** Provides full access to Amazon WorkSpaces Thin Client as well as limited access to required related services */
     AmazonWorkSpacesThinClientFullAccess(): aws_iam.IManagedPolicy;
+    /** Enables access to AWS Services and Resources used or managed by Amazon WorkSpaces Thin Client Monitoring */
+    AmazonWorkSpacesThinClientMonitoringServiceRolePolicy(): aws_iam.IManagedPolicy;
     /** Provides read-only access to Amazon WorkSpaces Thin Client and its dependencies */
     AmazonWorkSpacesThinClientReadOnlyAccess(): aws_iam.IManagedPolicy;
     /** Provides read-only access to Amazon WorkSpaces Web and its dependencies through the AWS Management Console, SDK, and CLI. */
@@ -1856,6 +1862,10 @@ export declare class AwsManagedPolicy extends AwsManagedPolicyStatic {
     AWSMigrationHubStrategyServiceRolePolicy(): aws_iam.IManagedPolicy;
     /** Grants permissions to Amazon MSK Replicator to replicate data between MSK Clusters. */
     AWSMSKReplicatorExecutionRole(): aws_iam.IManagedPolicy;
+    /** Grants full access to AWS Network Firewall service, including permissions to create, configure, manage, and delete firewall resources, policies, and rule groups. Additionally includes permissions to modify VPC endpoints, S3 bucket policies, CloudWatch Logs configurations, and create service-linked roles for Network Firewall and log delivery services */
+    AWSNetworkFirewallFullAccess(): aws_iam.IManagedPolicy;
+    /** Provides read-only access to AWS Network Firewall resources via the AWS Management Console, CLI, and SDKs. This policy allows users to view and monitor firewall configurations, policies, rule groups, and associated resources, without the ability to make changes. */
+    AWSNetworkFirewallReadOnlyAccess(): aws_iam.IManagedPolicy;
     /** Allow AWSNetworkFirewall to create and manage necessary resources for your Firewalls. */
     AWSNetworkFirewallServiceRolePolicy(): aws_iam.IManagedPolicy;
     /** Allow NetworkManager to access resources associated with your Core Network */
@@ -2070,6 +2080,8 @@ export declare class AwsManagedPolicy extends AwsManagedPolicyStatic {
     AWSSecurityHubReadOnlyAccess(): aws_iam.IManagedPolicy;
     /** A service-linked role required for AWS Security Hub to access your resources. */
     AWSSecurityHubServiceRolePolicy(): aws_iam.IManagedPolicy;
+    /** This policy allows Security Hub to manage AWS Config rules and Security Hub resources in your organization and on your behalf. */
+    AWSSecurityHubV2ServiceRolePolicy(): aws_iam.IManagedPolicy;
     /** Policy provides customers with Read and Write permissions to case resources that are created through the Security Incident Response service. */
     AWSSecurityIncidentResponseCaseFullAccess(): aws_iam.IManagedPolicy;
     /** Policy provides customers with Read and Write permissions to all resources associated to the Security Incident Response service. */
@@ -2138,6 +2150,8 @@ export declare class AwsManagedPolicy extends AwsManagedPolicyStatic {
     AWSServiceRolePolicyForBackupReports(): aws_iam.IManagedPolicy;
     /** This policy contains permissions for testing restores and for cleaning up resources created during tests. */
     AWSServiceRolePolicyForBackupRestoreTesting(): aws_iam.IManagedPolicy;
+    /** This managed policy provides administrative access to Amazon WorkSpaces to manage EC2 instances in your AWS account */
+    AWSServiceRolePolicyForWorkspacesInstances(): aws_iam.IManagedPolicy;
     /** Provides the AWS DDoS Response Team with limited access to your AWS account to assist with DDoS attack mitigation during a high-severity event. */
     AWSShieldDRTAccessPolicy(): aws_iam.IManagedPolicy;
     /** Allows AWS Shield to access AWS resources on your behalf to provide DDoS protection. */
@@ -2550,6 +2564,8 @@ export declare class AwsManagedPolicy extends AwsManagedPolicyStatic {
     NeptuneReadOnlyAccess(): aws_iam.IManagedPolicy;
     /** Grants full access permissions to AWS services and actions required to set up and configure AWS network resources. */
     NetworkAdministrator(): aws_iam.IManagedPolicy;
+    /** Provides permissions for the AWS Shield network security director service linked role to assess specified environments. */
+    NetworkSecurityDirectorServiceLinkedRolePolicy(): aws_iam.IManagedPolicy;
     /** Provides full access to CloudWatch Observability Access Manager */
     OAMFullAccess(): aws_iam.IManagedPolicy;
     /** Provides Read Only access to CloudWatch Observability Access Manager */