iam-floyd 0.728.0 → 0.729.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (40) hide show
  1. package/README.md +3 -3
  2. package/lib/generated/aws-managed-policies/cdk-iam-floyd.d.ts +8 -0
  3. package/lib/generated/aws-managed-policies/cdk-iam-floyd.js +17 -1
  4. package/lib/generated/aws-managed-policies/iam-floyd.d.ts +8 -0
  5. package/lib/generated/aws-managed-policies/iam-floyd.js +9 -1
  6. package/lib/generated/policy-statements/bedrock.d.ts +18 -0
  7. package/lib/generated/policy-statements/bedrock.js +24 -1
  8. package/lib/generated/policy-statements/bedrockagentcore.d.ts +0 -40
  9. package/lib/generated/policy-statements/bedrockagentcore.js +1 -45
  10. package/lib/generated/policy-statements/cloudfront.d.ts +39 -7
  11. package/lib/generated/policy-statements/cloudfront.js +52 -8
  12. package/lib/generated/policy-statements/cognitouserpools.d.ts +40 -0
  13. package/lib/generated/policy-statements/cognitouserpools.js +56 -1
  14. package/lib/generated/policy-statements/connect.d.ts +29 -1
  15. package/lib/generated/policy-statements/connect.js +36 -2
  16. package/lib/generated/policy-statements/ec2.d.ts +265 -79
  17. package/lib/generated/policy-statements/ec2.js +304 -86
  18. package/lib/generated/policy-statements/ec2autoscaling.d.ts +10 -0
  19. package/lib/generated/policy-statements/ec2autoscaling.js +14 -1
  20. package/lib/generated/policy-statements/elasticloadbalancingv2.d.ts +9 -1
  21. package/lib/generated/policy-statements/elasticloadbalancingv2.js +18 -3
  22. package/lib/generated/policy-statements/elementalmediaconnect.d.ts +98 -1
  23. package/lib/generated/policy-statements/elementalmediaconnect.js +104 -1
  24. package/lib/generated/policy-statements/emroneksemrcontainers.d.ts +8 -0
  25. package/lib/generated/policy-statements/emroneksemrcontainers.js +12 -1
  26. package/lib/generated/policy-statements/iotmanagedintegrations.d.ts +8 -0
  27. package/lib/generated/policy-statements/iotmanagedintegrations.js +12 -1
  28. package/lib/generated/policy-statements/keymanagementservice.d.ts +4 -0
  29. package/lib/generated/policy-statements/keymanagementservice.js +5 -1
  30. package/lib/generated/policy-statements/kinesisdatastreams.d.ts +34 -0
  31. package/lib/generated/policy-statements/kinesisdatastreams.js +48 -2
  32. package/lib/generated/policy-statements/lambda.d.ts +12 -0
  33. package/lib/generated/policy-statements/lambda.js +15 -1
  34. package/lib/generated/policy-statements/managedserviceforprometheus.d.ts +130 -0
  35. package/lib/generated/policy-statements/managedserviceforprometheus.js +160 -1
  36. package/lib/generated/policy-statements/rtbfabric.d.ts +41 -9
  37. package/lib/generated/policy-statements/rtbfabric.js +42 -10
  38. package/lib/generated/policy-statements/support.d.ts +8 -0
  39. package/lib/generated/policy-statements/support.js +12 -1
  40. package/package.json +6 -6
package/README.md CHANGED
@@ -17,9 +17,9 @@
17
17
  Support for:
18
18
 
19
19
  - 430 Services
20
- - 19302 Actions
21
- - 2062 Resource Types
22
- - 2172 Condition keys
20
+ - 19341 Actions
21
+ - 2065 Resource Types
22
+ - 2174 Condition keys
23
23
  <!-- /stats -->
24
24
 
25
25
  ![EXPERIMENTAL](https://img.shields.io/badge/stability-experimantal-orange?style=for-the-badge)**<br>This is an early version of the package. The API will change while I implement new features. Therefore make sure you use an exact version in your `package.json` before it reaches 1.0.0.**
@@ -50,6 +50,8 @@ export declare class AwsManagedPolicy extends AwsManagedPolicyStatic {
50
50
  AmazonAppFlowFullAccess(): aws_iam.IManagedPolicy;
51
51
  /** Provides read only access to Amazon Appflow flows */
52
52
  AmazonAppFlowReadOnlyAccess(): aws_iam.IManagedPolicy;
53
+ /** Grants permissions to ARC Region switch for plan execution and plan evaluation. */
54
+ AmazonApplicationRecoveryControllerRegionSwitchPlanExecutionPolicy(): aws_iam.IManagedPolicy;
53
55
  /** Provides full access to Amazon AppStream via the AWS Management Console. */
54
56
  AmazonAppStreamFullAccess(): aws_iam.IManagedPolicy;
55
57
  /** Amazon AppStream 2.0 access to AWS Certificate Manager Private CA in customer accounts for certificate-based authentication */
@@ -1116,6 +1118,8 @@ export declare class AwsManagedPolicy extends AwsManagedPolicyStatic {
1116
1118
  AWSApplicationMigrationFullAccess(): aws_iam.IManagedPolicy;
1117
1119
  /** This policy allows AWS Application Migration Service (MGN) to send meta-data about the progress of servers being migrated using MGN to AWS Migration Hub (MGH). MGN automatically creates an IAM role with this policy attached, and assumes this role. We do not recommend that you attach this policy to your IAM users or roles. */
1118
1120
  AWSApplicationMigrationMGHAccess(): aws_iam.IManagedPolicy;
1121
+ /** Provides permissions for Network Migration custom resource */
1122
+ AWSApplicationMigrationNetworkMigrationCustomResource(): aws_iam.IManagedPolicy;
1119
1123
  /** This policy provides permissions to all read-only public APIs of Application Migration Service (MGN), as well as some read-only APIs of other AWS services that are required in order to make full read-only use of the MGN console. Attach this policy to your IAM users or roles. */
1120
1124
  AWSApplicationMigrationReadOnlyAccess(): aws_iam.IManagedPolicy;
1121
1125
  /** This policy allows the Application Migration Service (MGN) Replication Servers, which are EC2 instances launched by Application Migration Service - to communicate with the MGN service, and to create EBS snapshots in your AWS account. An IAM role with this policy is attached (as an EC2 Instance Profile) by Application Migration Service to the MGN Replication Servers which are automatically launched and terminated by MGN, as needed. MGN Replication Servers are used to facilitate data replication from your external servers to AWS, as part of the migration process managed using MGN. We do not recommend that you attach this policy to your IAM users or roles. */
@@ -1370,6 +1374,8 @@ export declare class AwsManagedPolicy extends AwsManagedPolicyStatic {
1370
1374
  AWSConnector(): aws_iam.IManagedPolicy;
1371
1375
  /** Allows AWS Control Tower to call AWS services that provide automated account configuration and centralized governance on your behalf. */
1372
1376
  AWSControlTowerAccountServiceRolePolicy(): aws_iam.IManagedPolicy;
1377
+ /** AWS Control Tower enables AWS CloudTrail as a best practice and provides this role to AWS CloudTrail. AWS CloudTrail assumes this role to create and publish CloudTrail logs */
1378
+ AWSControlTowerCloudTrailRolePolicy(): aws_iam.IManagedPolicy;
1373
1379
  /** Provides permissions to manage the IAM Identity Center (IdC) resources in the member accounts enrolled with AWS Control Tower. The policy is attached to the AWSControlTowerAdmin role only if the customer has opted-into IAM IdC integration in their AWS Control Tower Landing Zone. */
1374
1380
  AWSControlTowerIdentityCenterManagementPolicy(): aws_iam.IManagedPolicy;
1375
1381
  /** Provides access to AWS Resources managed or used by AWS Control Tower */
@@ -2108,6 +2114,8 @@ export declare class AwsManagedPolicy extends AwsManagedPolicyStatic {
2108
2114
  AWSSavingsPlansFullAccess(): aws_iam.IManagedPolicy;
2109
2115
  /** Provides read only access to Savings Plans service */
2110
2116
  AWSSavingsPlansReadOnlyAccess(): aws_iam.IManagedPolicy;
2117
+ /** Provides access to retrieve and describe secrets from Secrets Manager. This policy also allows decrypting KMS keys for Secrets Manager secrets. */
2118
+ AWSSecretsManagerClientReadOnlyAccess(): aws_iam.IManagedPolicy;
2111
2119
  /** Provides full access to use AWS Security Hub. */
2112
2120
  AWSSecurityHubFullAccess(): aws_iam.IManagedPolicy;
2113
2121
  /** Grants permission to enable and manage AWS Security Hub within an organization. Includes enabling the service across the organization, and determining the delegated administrator account for the service. */