cdk-iam-floyd 0.771.0 → 0.773.0

package/README.md

@@ -16,9 +16,9 @@
 Support for:
 
 - 447 Services
-- 20563 Actions
-- 2184 Resource Types
-- 2314 Condition keys
+- 20597 Actions
+- 2189 Resource Types
+- 2319 Condition keys
 <!-- /stats -->
 
 ![EXPERIMENTAL](https://img.shields.io/badge/stability-experimantal-orange?style=for-the-badge)**<br>This is an early version of the package. The API will change while I implement new features. Therefore make sure you use an exact version in your `package.json` before it reaches 1.0.0.**

package/lib/generated/policy-statements/bedrockagentcore.d.ts

@@ -275,6 +275,22 @@ export declare class BedrockAgentcore extends PolicyStatement {
      * https://docs.aws.amazon.com/bedrock-agentcore-control/latest/APIReference/API_CreatePolicyEngine.html
      */
     toCreatePolicyEngine(): this;
+    /**
+     * Grants permission to create a new registry
+     *
+     * Access Level: Write
+     *
+     * https://docs.aws.amazon.com/bedrock-agentcore-control/latest/APIReference/API_CreateRegistry.html
+     */
+    toCreateRegistry(): this;
+    /**
+     * Grants permission to create a new registry record
+     *
+     * Access Level: Write
+     *
+     * https://docs.aws.amazon.com/bedrock-agentcore-control/latest/APIReference/API_CreateRegistryRecord.html
+     */
+    toCreateRegistryRecord(): this;
     /**
      * Grants permission to create a new Workload Identity
      *
@@ -419,6 +435,22 @@ export declare class BedrockAgentcore extends PolicyStatement {
      * https://docs.aws.amazon.com/bedrock-agentcore-control/latest/APIReference/API_DeletePolicyEngine.html
      */
     toDeletePolicyEngine(): this;
+    /**
+     * Grants permission to delete an existing registry
+     *
+     * Access Level: Write
+     *
+     * https://docs.aws.amazon.com/bedrock-agentcore-control/latest/APIReference/API_DeleteRegistry.html
+     */
+    toDeleteRegistry(): this;
+    /**
+     * Grants permission to delete an existing registry record
+     *
+     * Access Level: Write
+     *
+     * https://docs.aws.amazon.com/bedrock-agentcore-control/latest/APIReference/API_DeleteRegistryRecord.html
+     */
+    toDeleteRegistryRecord(): this;
     /**
      * Grants permission to delete the resource-based policy for a Bedrock resource
      *
@@ -607,6 +639,22 @@ export declare class BedrockAgentcore extends PolicyStatement {
      * https://docs.aws.amazon.com/bedrock-agentcore-control/latest/APIReference/API_GetPolicyGeneration.html
      */
     toGetPolicyGeneration(): this;
+    /**
+     * Grants permission to retrieve an existing registry
+     *
+     * Access Level: Read
+     *
+     * https://docs.aws.amazon.com/bedrock-agentcore-control/latest/APIReference/API_GetRegistry.html
+     */
+    toGetRegistry(): this;
+    /**
+     * Grants permission to retrieve an existing registry record
+     *
+     * Access Level: Read
+     *
+     * https://docs.aws.amazon.com/bedrock-agentcore-control/latest/APIReference/API_GetRegistryRecord.html
+     */
+    toGetRegistryRecord(): this;
     /**
      * Grants permission to retrieve an API Key associated with an Api Key Credential Provider
      *
@@ -737,6 +785,14 @@ export declare class BedrockAgentcore extends PolicyStatement {
      * https://docs.aws.amazon.com/bedrock-agentcore/latest/APIReference/welcome.html
      */
     toInvokeGateway(): this;
+    /**
+     * Grants permission to invoke an MCP operation against an existing registry
+     *
+     * Access Level: Read
+     *
+     * https://docs.aws.amazon.com/bedrock-agentcore/latest/APIReference/welcome.html
+     */
+    toInvokeRegistryMcp(): this;
     /**
      * Grants permission to list Actors
      *
@@ -929,6 +985,22 @@ export declare class BedrockAgentcore extends PolicyStatement {
      * https://docs.aws.amazon.com/bedrock-agentcore-control/latest/APIReference/API_ListPolicyGenerations.html
      */
     toListPolicyGenerations(): this;
+    /**
+     * Grants permission to list existing registries
+     *
+     * Access Level: List
+     *
+     * https://docs.aws.amazon.com/bedrock-agentcore-control/latest/APIReference/API_ListRegistries.html
+     */
+    toListRegistries(): this;
+    /**
+     * Grants permission to list existing registry records in a registry
+     *
+     * Access Level: List
+     *
+     * https://docs.aws.amazon.com/bedrock-agentcore-control/latest/APIReference/API_ListRegistryRecords.html
+     */
+    toListRegistryRecords(): this;
     /**
      * Grants permission to list sessions
      *
@@ -1008,6 +1080,14 @@ export declare class BedrockAgentcore extends PolicyStatement {
      * https://docs.aws.amazon.com/bedrock-agentcore/latest/APIReference/API_SaveBrowserSessionProfile.html
      */
     toSaveBrowserSessionProfile(): this;
+    /**
+     * Grants permission to search for registry records
+     *
+     * Access Level: Read
+     *
+     * https://docs.aws.amazon.com/bedrock-agentcore/latest/APIReference/API_SearchRegistryRecords.html
+     */
+    toSearchRegistryRecords(): this;
     /**
      * Grants permission to associate a Customer Managed Key (CMK) or a Service Managed Key with a specific TokenVault
      *
@@ -1077,6 +1157,14 @@ export declare class BedrockAgentcore extends PolicyStatement {
      * https://docs.aws.amazon.com/bedrock-agentcore/latest/APIReference/API_StopRuntimeSession.html
      */
     toStopRuntimeSession(): this;
+    /**
+     * Grants permission to submit a registry record for approval
+     *
+     * Access Level: Write
+     *
+     * https://docs.aws.amazon.com/bedrock-agentcore-control/latest/APIReference/API_SubmitRegistryRecordForApproval.html
+     */
+    toSubmitRegistryRecordForApproval(): this;
     /**
      * Grants permission to enable search on gateways
      *
@@ -1220,6 +1308,30 @@ export declare class BedrockAgentcore extends PolicyStatement {
      * https://docs.aws.amazon.com/bedrock-agentcore-control/latest/APIReference/API_UpdatePolicyEngine.html
      */
     toUpdatePolicyEngine(): this;
+    /**
+     * Grants permission to update an existing registry
+     *
+     * Access Level: Write
+     *
+     * https://docs.aws.amazon.com/bedrock-agentcore-control/latest/APIReference/API_UpdateRegistry.html
+     */
+    toUpdateRegistry(): this;
+    /**
+     * Grants permission to update an existing registry record
+     *
+     * Access Level: Write
+     *
+     * https://docs.aws.amazon.com/bedrock-agentcore-control/latest/APIReference/API_UpdateRegistryRecord.html
+     */
+    toUpdateRegistryRecord(): this;
+    /**
+     * Grants permission to update the status of a registry record
+     *
+     * Access Level: Write
+     *
+     * https://docs.aws.amazon.com/bedrock-agentcore-control/latest/APIReference/API_UpdateRegistryRecordStatus.html
+     */
+    toUpdateRegistryRecordStatus(): this;
     /**
      * Grants permission to update the metadata of an existing Workload Identity
      *
@@ -1484,6 +1596,29 @@ export declare class BedrockAgentcore extends PolicyStatement {
      * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
      */
     onPolicyGeneration(policyEngineId: string, policyGenerationId: string, account?: string, region?: string, partition?: string): this;
+    /**
+     * Adds a resource of type registry to the statement
+     *
+     * https://docs.aws.amazon.com/bedrock-agentcore/latest/APIReference/registry.html
+     *
+     * @param registryId - Identifier for the registryId.
+     * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
+     * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
+     * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
+     */
+    onRegistry(registryId: string, account?: string, region?: string, partition?: string): this;
+    /**
+     * Adds a resource of type registry-record to the statement
+     *
+     * https://docs.aws.amazon.com/bedrock-agentcore/latest/APIReference/registryRecord.html
+     *
+     * @param registryId - Identifier for the registryId.
+     * @param recordId - Identifier for the recordId.
+     * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
+     * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
+     * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
+     */
+    onRegistryRecord(registryId: string, recordId: string, account?: string, region?: string, partition?: string): this;
     /**
      * Filters access by creating requests based on the allowed set of values for each of the mandatory tags
      *