npm - iam-floyd - Versions diffs - 0.660.0 → 0.663.0 - Mend

iam-floyd 0.660.0 → 0.663.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

package/README.md CHANGED Viewed

@@ -17,9 +17,9 @@
 Support for:
 - 417 Services
-- 18178 Actions
-- 1948 Resource Types
-- 1897 Condition keys
+- 18192 Actions
+- 1954 Resource Types
+- 1899 Condition keys
 <!-- /stats -->
 ![EXPERIMENTAL](https://img.shields.io/badge/stability-experimantal-orange?style=for-the-badge)**<br>This is an early version of the package. The API will change while I implement new features. Therefore make sure you use an exact version in your `package.json` before it reaches 1.0.0.**

package/lib/generated/policy-statements/apigatewaymanagement.d.ts CHANGED Viewed

@@ -21,6 +21,14 @@ export declare class Apigateway extends PolicyStatement {
      * https://docs.aws.amazon.com/apigateway/latest/api/API_Operations.html
      */
     toAddCertificateToDomain(): this;
+    /**
+     * Grants permission to create an access association from an access association source to a custom domain name for private APIs
+     *
+     * Access Level: Permissions management
+     *
+     * https://docs.aws.amazon.com/apigateway/latest/api/API_Operations.html
+     */
+    toCreateAccessAssociation(): this;
     /**
      * Grants permission to delete a particular resource
      *
@@ -77,6 +85,14 @@ export declare class Apigateway extends PolicyStatement {
      * https://docs.aws.amazon.com/apigateway/latest/api/API_Operations.html
      */
     toPUT(): this;
+    /**
+     * Grants permission to reject an existing access association owned by another account to a custom domain name for private APIs
+     *
+     * Access Level: Permissions management
+     *
+     * https://docs.aws.amazon.com/apigateway/latest/api/API_Operations.html
+     */
+    toRejectAccessAssociation(): this;
     /**
      * Grants permission to remove certificates for mutual TLS authentication from a domain name. This is an additional authorization control for managing the DomainName resource due to the sensitive nature of mTLS
      *
@@ -93,6 +109,22 @@ export declare class Apigateway extends PolicyStatement {
      * https://docs.aws.amazon.com/apigateway/latest/api/API_Operations.html
      */
     toSetWebACL(): this;
+    /**
+     * Grants permission to update the management policy of a custom domain name for private APIs
+     *
+     * Access Level: Permissions management
+     *
+     * https://docs.aws.amazon.com/apigateway/latest/api/API_Operations.html
+     */
+    toUpdateDomainNameManagementPolicy(): this;
+    /**
+     * Grants permission to update the invoke policy of a custom domain name for private APIs
+     *
+     * Access Level: Permissions management
+     *
+     * https://docs.aws.amazon.com/apigateway/latest/api/API_Operations.html
+     */
+    toUpdateDomainNamePolicy(): this;
     /**
      * Grants permission to manage the IAM resource policy for an API. This is an additional authorization control for managing an API due to the sensitive nature of the resource policy
      *
@@ -340,6 +372,34 @@ export declare class Apigateway extends PolicyStatement {
      * - .ifAwsResourceTag()
      */
     onDomainNames(region?: string, partition?: string): this;
+    /**
+     * Adds a resource of type DomainNameAccessAssociation to the statement
+     *
+     * https://docs.aws.amazon.com/apigateway/latest/api/API_DomainNameAccessAssociation.html
+     *
+     * @param domainName - Identifier for the domainName.
+     * @param sourceType - Identifier for the sourceType.
+     * @param sourceId - Identifier for the sourceId.
+     * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
+     * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
+     * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
+     */
+    onDomainNameAccessAssociation(domainName: string, sourceType: string, sourceId: string, account?: string, region?: string, partition?: string): this;
+    /**
+     * Adds a resource of type DomainNameAccessAssociations to the statement
+     *
+     * https://docs.aws.amazon.com/apigateway/latest/api/API_DomainNameAccessAssociation.html
+     *
+     * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
+     * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
+     * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
+     *
+     * Possible conditions:
+     * - .ifRequestAccessAssociationSource()
+     * - .ifRequestDomainNameArn()
+     * - .ifAwsResourceTag()
+     */
+    onDomainNameAccessAssociations(account?: string, region?: string, partition?: string): this;
     /**
      * Adds a resource of type GatewayResponse to the statement
      *
@@ -460,6 +520,52 @@ export declare class Apigateway extends PolicyStatement {
      * - .ifAwsResourceTag()
      */
     onModels(restApiId: string, region?: string, partition?: string): this;
+    /**
+     * Adds a resource of type PrivateBasePathMapping to the statement
+     *
+     * https://docs.aws.amazon.com/apigateway/latest/api/API_BasePathMapping.html
+     *
+     * @param domainName - Identifier for the domainName.
+     * @param domainIdentifier - Identifier for the domainIdentifier.
+     * @param basePath - Identifier for the basePath.
+     * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
+     * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
+     *
+     * Possible conditions:
+     * - .ifAwsResourceTag()
+     */
+    onPrivateBasePathMapping(domainName: string, domainIdentifier: string, basePath: string, region?: string, partition?: string): this;
+    /**
+     * Adds a resource of type PrivateBasePathMappings to the statement
+     *
+     * https://docs.aws.amazon.com/apigateway/latest/api/API_BasePathMapping.html
+     *
+     * @param domainName - Identifier for the domainName.
+     * @param domainIdentifier - Identifier for the domainIdentifier.
+     * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
+     * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
+     *
+     * Possible conditions:
+     * - .ifAwsResourceTag()
+     */
+    onPrivateBasePathMappings(domainName: string, domainIdentifier: string, region?: string, partition?: string): this;
+    /**
+     * Adds a resource of type PrivateDomainName to the statement
+     *
+     * https://docs.aws.amazon.com/apigateway/latest/api/API_DomainName.html
+     *
+     * @param domainName - Identifier for the domainName.
+     * @param domainIdentifier - Identifier for the domainIdentifier.
+     * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account.
+     * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region.
+     * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
+     *
+     * Possible conditions:
+     * - .ifRequestEndpointType()
+     * - .ifResourceEndpointType()
+     * - .ifAwsResourceTag()
+     */
+    onPrivateDomainName(domainName: string, domainIdentifier: string, account?: string, region?: string, partition?: string): this;
     /**
      * Adds a resource of type RequestValidator to the statement
      *
@@ -708,6 +814,18 @@ export declare class Apigateway extends PolicyStatement {
      * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition.
      */
     onTags(urlEncodedResourceARN: string, region?: string, partition?: string): this;
+    /**
+     * Filters access by access association source. Available during the CreateDomainNameAccessAssociation operation
+     *
+     * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html
+     *
+     * Applies to resource types:
+     * - DomainNameAccessAssociations
+     *
+     * @param value The value(s) to check
+     * @param operator Works with [string operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_String). **Default:** `StringLike`
+     */
+    ifRequestAccessAssociationSource(value: string | string[], operator?: Operator | string): this;
     /**
      * Filters access by access log destination. Available during the CreateStage and UpdateStage operations
      *
@@ -802,6 +920,18 @@ export declare class Apigateway extends PolicyStatement {
      * @param value `true` or `false`. **Default:** `true`
      */
     ifRequestDisableExecuteApiEndpoint(value?: boolean): this;
+    /**
+     * Filters access by domain name ARN. Available during the CreateDomainNameAccessAssociation operation
+     *
+     * https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html
+     *
+     * Applies to resource types:
+     * - DomainNameAccessAssociations
+     *
+     * @param value The value(s) to check
+     * @param operator Works with [arn operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_ARN). **Default:** `ArnLike`
+     */
+    ifRequestDomainNameArn(value: string | string[], operator?: Operator | string): this;
     /**
      * Filters access by endpoint type. Available during the CreateDomainName, UpdateDomainName, CreateRestApi, and UpdateRestApi operations
      *
@@ -810,6 +940,7 @@ export declare class Apigateway extends PolicyStatement {
      * Applies to resource types:
      * - DomainName
      * - DomainNames
+     * - PrivateDomainName
      * - RestApi
      * - RestApis
      *
@@ -974,6 +1105,7 @@ export declare class Apigateway extends PolicyStatement {
      *
      * Applies to resource types:
      * - DomainName
+     * - PrivateDomainName
      * - RestApi
      *
      * @param value The value(s) to check
@@ -1067,6 +1199,7 @@ export declare class Apigateway extends PolicyStatement {
      * - DocumentationVersions
      * - DomainName
      * - DomainNames
+     * - DomainNameAccessAssociations
      * - GatewayResponse
      * - GatewayResponses
      * - Integration
@@ -1075,6 +1208,9 @@ export declare class Apigateway extends PolicyStatement {
      * - MethodResponse
      * - Model
      * - Models
+     * - PrivateBasePathMapping
+     * - PrivateBasePathMappings
+     * - PrivateDomainName
      * - RequestValidator
      * - RequestValidators
      * - Resource