iam-floyd 0.732.0 → 0.734.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (92) hide show
  1. package/README.md +4 -4
  2. package/lib/generated/aws-managed-policies/cdk-iam-floyd.d.ts +22 -0
  3. package/lib/generated/aws-managed-policies/cdk-iam-floyd.js +45 -1
  4. package/lib/generated/aws-managed-policies/iam-floyd.d.ts +22 -0
  5. package/lib/generated/aws-managed-policies/iam-floyd.js +23 -1
  6. package/lib/generated/index.d.ts +3 -2
  7. package/lib/generated/index.js +14 -12
  8. package/lib/generated/policy-statements/apigatewaymanagement.d.ts +6 -0
  9. package/lib/generated/policy-statements/apigatewaymanagement.js +7 -1
  10. package/lib/generated/policy-statements/applicationmigrationservice.d.ts +43 -0
  11. package/lib/generated/policy-statements/applicationmigrationservice.js +56 -1
  12. package/lib/generated/policy-statements/backup.d.ts +127 -0
  13. package/lib/generated/policy-statements/backup.js +168 -3
  14. package/lib/generated/policy-statements/bedrock.d.ts +23 -0
  15. package/lib/generated/policy-statements/bedrock.js +29 -1
  16. package/lib/generated/policy-statements/bedrockagentcore.d.ts +13 -0
  17. package/lib/generated/policy-statements/bedrockagentcore.js +16 -1
  18. package/lib/generated/policy-statements/braket.d.ts +71 -0
  19. package/lib/generated/policy-statements/braket.js +88 -3
  20. package/lib/generated/policy-statements/cloudformation.d.ts +8 -0
  21. package/lib/generated/policy-statements/cloudformation.js +12 -1
  22. package/lib/generated/policy-statements/cloudfront.d.ts +160 -0
  23. package/lib/generated/policy-statements/cloudfront.js +210 -1
  24. package/lib/generated/policy-statements/cloudtrail.d.ts +10 -2
  25. package/lib/generated/policy-statements/cloudtrail.js +14 -3
  26. package/lib/generated/policy-statements/cloudwatchapplicationsignals.d.ts +8 -0
  27. package/lib/generated/policy-statements/cloudwatchapplicationsignals.js +12 -1
  28. package/lib/generated/policy-statements/cloudwatchlogs.d.ts +77 -0
  29. package/lib/generated/policy-statements/cloudwatchlogs.js +102 -2
  30. package/lib/generated/policy-statements/costoptimizationhub.d.ts +8 -0
  31. package/lib/generated/policy-statements/costoptimizationhub.js +12 -1
  32. package/lib/generated/policy-statements/databasemigrationservice.d.ts +32 -0
  33. package/lib/generated/policy-statements/databasemigrationservice.js +39 -1
  34. package/lib/generated/policy-statements/dynamodb.d.ts +37 -1
  35. package/lib/generated/policy-statements/dynamodb.js +46 -2
  36. package/lib/generated/policy-statements/ec2autoscaling.d.ts +16 -0
  37. package/lib/generated/policy-statements/ec2autoscaling.js +23 -1
  38. package/lib/generated/policy-statements/ec2imagebuilder.d.ts +30 -0
  39. package/lib/generated/policy-statements/ec2imagebuilder.js +37 -1
  40. package/lib/generated/policy-statements/elasticcontainerregistry.d.ts +64 -0
  41. package/lib/generated/policy-statements/elasticcontainerregistry.js +90 -2
  42. package/lib/generated/policy-statements/elasticcontainerservice.d.ts +74 -0
  43. package/lib/generated/policy-statements/elasticcontainerservice.js +87 -1
  44. package/lib/generated/policy-statements/glue.d.ts +17 -1
  45. package/lib/generated/policy-statements/glue.js +21 -2
  46. package/lib/generated/policy-statements/guardduty.d.ts +24 -0
  47. package/lib/generated/policy-statements/guardduty.js +34 -1
  48. package/lib/generated/policy-statements/healthomics.d.ts +0 -11
  49. package/lib/generated/policy-statements/healthomics.js +1 -14
  50. package/lib/generated/policy-statements/identityandaccessmanagementiam.d.ts +180 -0
  51. package/lib/generated/policy-statements/identityandaccessmanagementiam.js +224 -1
  52. package/lib/generated/policy-statements/identitystore.d.ts +144 -1
  53. package/lib/generated/policy-statements/identitystore.js +155 -2
  54. package/lib/generated/policy-statements/invoicingservice.d.ts +78 -0
  55. package/lib/generated/policy-statements/invoicingservice.js +101 -3
  56. package/lib/generated/policy-statements/kinesisvideostreams.d.ts +16 -0
  57. package/lib/generated/policy-statements/kinesisvideostreams.js +24 -2
  58. package/lib/generated/policy-statements/lakeformation.d.ts +16 -0
  59. package/lib/generated/policy-statements/lakeformation.js +23 -1
  60. package/lib/generated/policy-statements/licensemanager.d.ts +141 -3
  61. package/lib/generated/policy-statements/licensemanager.js +183 -5
  62. package/lib/generated/policy-statements/managedstreamingforapachekafka.d.ts +40 -2
  63. package/lib/generated/policy-statements/managedstreamingforapachekafka.js +50 -3
  64. package/lib/generated/policy-statements/organizations.d.ts +125 -0
  65. package/lib/generated/policy-statements/organizations.js +152 -3
  66. package/lib/generated/policy-statements/{partnercentralselling.d.ts → partnercentral.d.ts} +287 -9
  67. package/lib/generated/policy-statements/partnercentral.js +1172 -0
  68. package/lib/generated/policy-statements/pricingplanmanagerservice.d.ts +91 -0
  69. package/lib/generated/policy-statements/pricingplanmanagerservice.js +128 -0
  70. package/lib/generated/policy-statements/quicksight.d.ts +8 -0
  71. package/lib/generated/policy-statements/quicksight.js +28 -17
  72. package/lib/generated/policy-statements/resourcegrouptaggingapi.d.ts +8 -0
  73. package/lib/generated/policy-statements/resourcegrouptaggingapi.js +14 -1
  74. package/lib/generated/policy-statements/s3.d.ts +75 -1
  75. package/lib/generated/policy-statements/s3.js +84 -2
  76. package/lib/generated/policy-statements/{sagemakerunifiedstudiomcpisamanagedmcpsolutionforawsdataprocessingserviceslikeemr-glue_athena.d.ts → sagemakerunifiedstudiomcp.d.ts} +5 -5
  77. package/lib/generated/policy-statements/sagemakerunifiedstudiomcp.js +61 -0
  78. package/lib/generated/policy-statements/secretsmanager.d.ts +81 -0
  79. package/lib/generated/policy-statements/secretsmanager.js +88 -1
  80. package/lib/generated/policy-statements/securityhub.d.ts +16 -0
  81. package/lib/generated/policy-statements/securityhub.js +23 -1
  82. package/lib/generated/policy-statements/securityincidentresponse.d.ts +17 -0
  83. package/lib/generated/policy-statements/securityincidentresponse.js +24 -1
  84. package/lib/generated/policy-statements/service-oracledatabase-aws.d.ts +6 -0
  85. package/lib/generated/policy-statements/service-oracledatabase-aws.js +11 -2
  86. package/lib/generated/policy-statements/signin.d.ts +18 -2
  87. package/lib/generated/policy-statements/signin.js +27 -3
  88. package/lib/generated/policy-statements/usernotificationscontacts.d.ts +4 -0
  89. package/lib/generated/policy-statements/usernotificationscontacts.js +5 -1
  90. package/package.json +4 -4
  91. package/lib/generated/policy-statements/partnercentralselling.js +0 -841
  92. package/lib/generated/policy-statements/sagemakerunifiedstudiomcpisamanagedmcpsolutionforawsdataprocessingserviceslikeemr-glue_athena.js +0 -61
package/README.md CHANGED
@@ -16,10 +16,10 @@
16
16
  <!-- stats -->
17
17
  Support for:
18
18
 
19
- - 433 Services
20
- - 19457 Actions
21
- - 2071 Resource Types
22
- - 2188 Condition keys
19
+ - 434 Services
20
+ - 19602 Actions
21
+ - 2084 Resource Types
22
+ - 2210 Condition keys
23
23
  <!-- /stats -->
24
24
 
25
25
  ![EXPERIMENTAL](https://img.shields.io/badge/stability-experimantal-orange?style=for-the-badge)**<br>This is an early version of the package. The API will change while I implement new features. Therefore make sure you use an exact version in your `package.json` before it reaches 1.0.0.**
package/lib/generated/aws-managed-policies/cdk-iam-floyd.d.ts CHANGED
@@ -334,6 +334,8 @@ export declare class AwsManagedPolicy extends AwsManagedPolicyStatic {
334
334
  AmazonEKSLocalOutpostClusterPolicy(): aws_iam.IManagedPolicy;
335
335
  /** Allows Amazon EKS Local to call AWS services on your behalf. */
336
336
  AmazonEKSLocalOutpostServiceRolePolicy(): aws_iam.IManagedPolicy;
337
+ /** Provides read-only access to the Amazon EKS MCP service. This policy grants permissions to use only read-only tools in the EKS MCP service meant for observability, troubleshooting, retrieving EKS resource information, and getting EKS-optimized suggestions. */
338
+ AmazonEKSMCPReadOnlyAccess(): aws_iam.IManagedPolicy;
337
339
  /** Policy attached to the EKS Cluster Role that grants permissions to manage the cluster's networking resources. */
338
340
  AmazonEKSNetworkingPolicy(): aws_iam.IManagedPolicy;
339
341
  /** This policy allows Amazon Elastic Container Service for Kubernetes to create and manage the necessary resources to operate EKS Clusters. */
@@ -738,6 +740,8 @@ export declare class AwsManagedPolicy extends AwsManagedPolicyStatic {
738
740
  AmazonRedshiftAllCommandsFullAccess(): aws_iam.IManagedPolicy;
739
741
  /** This policy provides full access to Amazon Redshift Data APIs. This policy also grants scoped access to other required services. */
740
742
  AmazonRedshiftDataFullAccess(): aws_iam.IManagedPolicy;
743
+ /** This is an ease-of-use policy for running queries with Amazon Redshift Federated Authorization */
744
+ AmazonRedshiftFederatedAuthorization(): aws_iam.IManagedPolicy;
741
745
  /** Provides full access to Amazon Redshift via the AWS Management Console. */
742
746
  AmazonRedshiftFullAccess(): aws_iam.IManagedPolicy;
743
747
  /** Provides full access to the Amazon Redshift Query Editor and to saved queries via the AWS Management Console. */
@@ -890,6 +894,10 @@ export declare class AwsManagedPolicy extends AwsManagedPolicyStatic {
890
894
  AmazonSageMakerServiceCatalogProductsGlueServiceRolePolicy(): aws_iam.IManagedPolicy;
891
895
  /** Service role policy used by the AWS Lambda within the AWS ServiceCatalog provisioned products from Amazon SageMaker portfolio of products. Grants permissions to a set of related services including ECR, S3 and others. */
892
896
  AmazonSageMakerServiceCatalogProductsLambdaServiceRolePolicy(): aws_iam.IManagedPolicy;
897
+ /** Grants Systems Manager activation, session management, and KMS key operations permissions required for the SageMaker Spaces Addon to enable secure remote access to EKS SageMaker Spaces. */
898
+ AmazonSageMakerSpacesControllerPolicy(): aws_iam.IManagedPolicy;
899
+ /** Grants Systems KMS key operations permissions required for the SageMaker Spaces Router to enable secure remote access to EKS SageMaker Spaces. */
900
+ AmazonSageMakerSpacesRouterPolicy(): aws_iam.IManagedPolicy;
893
901
  /** This Amazon Managed Policy provides the necessary permissions to create and manage SageMaker Training Plans. It allows users to create Training Plans and Reserved Capacities, describe existing Training Plans, and perform search and listing operations. */
894
902
  AmazonSageMakerTrainingPlanCreateAccess(): aws_iam.IManagedPolicy;
895
903
  /** Provides full access to Amazon Security Lake and related services needed to administer Security Lake. */
@@ -1192,6 +1200,8 @@ export declare class AwsManagedPolicy extends AwsManagedPolicyStatic {
1192
1200
  AWSBackupFullAccess(): aws_iam.IManagedPolicy;
1193
1201
  /** Provides AWS BackupGateway permission to sync the metadata of Virtual Machines on your behalf */
1194
1202
  AWSBackupGatewayServiceRolePolicyForVirtualMachineMetadataSync(): aws_iam.IManagedPolicy;
1203
+ /** Provides GuardDuty permission to read your AWS Backup Recovery Points for malware scans */
1204
+ AWSBackupGuardDutyRolePolicyForScans(): aws_iam.IManagedPolicy;
1195
1205
  /** This policy grants users permissions to assign AWS resources to backup plans, create on-demand backups, and restore backups. This policy does not allow the user to create or edit backup plans or to delete scheduled backups after they are created. */
1196
1206
  AWSBackupOperatorAccess(): aws_iam.IManagedPolicy;
1197
1207
  /** This policy is for backup administators who use cross-account backup management to manage backups for the organization. */
@@ -1216,6 +1226,8 @@ export declare class AwsManagedPolicy extends AwsManagedPolicyStatic {
1216
1226
  AWSBackupServiceRolePolicyForS3Backup(): aws_iam.IManagedPolicy;
1217
1227
  /** Policy containing permissions necessary for AWS Backup to restore a S3 backup to a bucket. This includes read/write permissions to all S3 buckets, and permissions to GenerateDataKey and DescribeKey for all KMS keys. */
1218
1228
  AWSBackupServiceRolePolicyForS3Restore(): aws_iam.IManagedPolicy;
1229
+ /** Provides AWS Backup permission to perform malware scans on your AWS Backup Recovery Points */
1230
+ AWSBackupServiceRolePolicyForScans(): aws_iam.IManagedPolicy;
1219
1231
  /** Provides full access for AWS Batch resources. */
1220
1232
  AWSBatchFullAccess(): aws_iam.IManagedPolicy;
1221
1233
  /** Policy to enable CloudWatch Event Target for AWS Batch Job Submission */
@@ -1682,6 +1694,8 @@ export declare class AwsManagedPolicy extends AwsManagedPolicyStatic {
1682
1694
  AWSHealthImagingReadOnlyAccess(): aws_iam.IManagedPolicy;
1683
1695
  /** Provides the list of actions that are allowed for roles assumed with the IAM Identity Center identity context. AWS Security Token Service (AWS STS) automatically attaches this policy to assumed roles. The identity context is passed as ProvidedContext. */
1684
1696
  AWSIAMIdentityCenterAllowListForIdentityContext(): aws_iam.IManagedPolicy;
1697
+ /** Provides access to manage IAM Identity Center users from an external provider. */
1698
+ AWSIdentityCenterExternalManagementPolicy(): aws_iam.IManagedPolicy;
1685
1699
  /** Grants full access to the Identity Sync service */
1686
1700
  AWSIdentitySyncFullAccess(): aws_iam.IManagedPolicy;
1687
1701
  /** Read only access to the Identity Sync service */
@@ -1878,6 +1892,8 @@ export declare class AwsManagedPolicy extends AwsManagedPolicyStatic {
1878
1892
  AWSMarketplaceSellerProductsFullAccess(): aws_iam.IManagedPolicy;
1879
1893
  /** Provide sellers read-only access to AWS Marketplace Management Products page. */
1880
1894
  AWSMarketplaceSellerProductsReadOnly(): aws_iam.IManagedPolicy;
1895
+ /** Provides full access to all MCP service actions. This policy does not grant access to the actions taken by the MCP, only the MCP actions themselves. */
1896
+ AWSMcpServiceActionsFullAccess(): aws_iam.IManagedPolicy;
1881
1897
  /** The default policy that enables access to AWS Services and Resources used or managed by MediaConnect. */
1882
1898
  AWSMediaConnectServicePolicy(): aws_iam.IManagedPolicy;
1883
1899
  /** Allows MediaLive Anywhere to create and manage AWS resources on your behalf. */
@@ -1962,6 +1978,10 @@ export declare class AwsManagedPolicy extends AwsManagedPolicyStatic {
1962
1978
  AWSPanoramaServiceLinkedRolePolicy(): aws_iam.IManagedPolicy;
1963
1979
  /** Allows AWS Panorama to manage resources in Amazon S3, AWS IoT, AWS IoT GreenGrass, AWS Lambda, Amazon SageMaker, and Amazon CloudWatch Logs, and to pass service roles to AWS IoT, AWS IoT GreenGrass, and Amazon SageMaker. */
1964
1980
  AWSPanoramaServiceRolePolicy(): aws_iam.IManagedPolicy;
1981
+ /** Provides necessary access for channel handshake approval management activities. */
1982
+ AWSPartnerCentralChannelHandshakeApprovalManagement(): aws_iam.IManagedPolicy;
1983
+ /** Provides necessary access for channel management activities. */
1984
+ AWSPartnerCentralChannelManagement(): aws_iam.IManagedPolicy;
1965
1985
  /** Provides full access to AWS Partner Central and related AWS Services. */
1966
1986
  AWSPartnerCentralFullAccess(): aws_iam.IManagedPolicy;
1967
1987
  /** Provides necessary access for opportunity management activities. */
@@ -2790,6 +2810,8 @@ export declare class AwsManagedPolicy extends AwsManagedPolicyStatic {
2790
2810
  ServiceQuotasReadOnlyAccess(): aws_iam.IManagedPolicy;
2791
2811
  /** Allows Service Quotas to create support cases on your behalf */
2792
2812
  ServiceQuotasServiceRolePolicy(): aws_iam.IManagedPolicy;
2813
+ /** Provides permissions for programmatic access to AWS through the AWS Sign-in service, including OAuth2 token creation for developer tools and applications. */
2814
+ SignInLocalDevelopmentAccess(): aws_iam.IManagedPolicy;
2793
2815
  /** Provides full access to the Simple Workflow configuration service. */
2794
2816
  SimpleWorkflowFullAccess(): aws_iam.IManagedPolicy;
2795
2817
  /** Allows SMSVoice to publish metrics to CloudWatch on your behalf */