terraconstructs 0.0.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.envrc +5 -0
- package/.jsii +79780 -0
- package/.mise.toml +8 -0
- package/.nvmrc +1 -0
- package/.terraform-version +1 -0
- package/.terraform.d/plugin-cache/.gitignore +5 -0
- package/LICENSE +674 -0
- package/NOTICE.txt +12 -0
- package/README.md +42 -0
- package/bun.lockb +0 -0
- package/go.mod +158 -0
- package/go.sum +1206 -0
- package/lib/aws/arn.d.ts +187 -0
- package/lib/aws/arn.js +383 -0
- package/lib/aws/aws-construct.d.ts +76 -0
- package/lib/aws/aws-construct.js +38 -0
- package/lib/aws/aws-stack.d.ts +201 -0
- package/lib/aws/aws-stack.js +303 -0
- package/lib/aws/cloudwatch/actions/ec2.d.ts +35 -0
- package/lib/aws/cloudwatch/actions/ec2.js +48 -0
- package/lib/aws/cloudwatch/actions/index.d.ts +2 -0
- package/lib/aws/cloudwatch/actions/index.js +24 -0
- package/lib/aws/cloudwatch/actions/lambda.d.ts +16 -0
- package/lib/aws/cloudwatch/actions/lambda.js +48 -0
- package/lib/aws/cloudwatch/alarm-action.d.ts +23 -0
- package/lib/aws/cloudwatch/alarm-action.js +4 -0
- package/lib/aws/cloudwatch/alarm-base.d.ts +84 -0
- package/lib/aws/cloudwatch/alarm-base.js +64 -0
- package/lib/aws/cloudwatch/alarm-rule.d.ts +61 -0
- package/lib/aws/cloudwatch/alarm-rule.js +116 -0
- package/lib/aws/cloudwatch/alarm-status-widget.d.ts +77 -0
- package/lib/aws/cloudwatch/alarm-status-widget.js +62 -0
- package/lib/aws/cloudwatch/alarm.d.ts +158 -0
- package/lib/aws/cloudwatch/alarm.js +410 -0
- package/lib/aws/cloudwatch/composite-alarm.d.ts +88 -0
- package/lib/aws/cloudwatch/composite-alarm.js +98 -0
- package/lib/aws/cloudwatch/dashboard.d.ts +137 -0
- package/lib/aws/cloudwatch/dashboard.js +141 -0
- package/lib/aws/cloudwatch/data-protection-policy.d.ts +184 -0
- package/lib/aws/cloudwatch/data-protection-policy.js +246 -0
- package/lib/aws/cloudwatch/graph.d.ts +792 -0
- package/lib/aws/cloudwatch/graph.js +537 -0
- package/lib/aws/cloudwatch/index.d.ts +26 -0
- package/lib/aws/cloudwatch/index.js +49 -0
- package/lib/aws/cloudwatch/layout.d.ts +89 -0
- package/lib/aws/cloudwatch/layout.js +147 -0
- package/lib/aws/cloudwatch/log-destinations/index.d.ts +2 -0
- package/lib/aws/cloudwatch/log-destinations/index.js +20 -0
- package/lib/aws/cloudwatch/log-destinations/kinesis.d.ts +29 -0
- package/lib/aws/cloudwatch/log-destinations/kinesis.js +52 -0
- package/lib/aws/cloudwatch/log-destinations/lambda.d.ts +22 -0
- package/lib/aws/cloudwatch/log-destinations/lambda.js +46 -0
- package/lib/aws/cloudwatch/log-group.d.ts +453 -0
- package/lib/aws/cloudwatch/log-group.js +350 -0
- package/lib/aws/cloudwatch/log-query.d.ts +91 -0
- package/lib/aws/cloudwatch/log-query.js +85 -0
- package/lib/aws/cloudwatch/log-stream.d.ts +57 -0
- package/lib/aws/cloudwatch/log-stream.js +57 -0
- package/lib/aws/cloudwatch/metric-filter.d.ts +30 -0
- package/lib/aws/cloudwatch/metric-filter.js +69 -0
- package/lib/aws/cloudwatch/metric-types.d.ts +407 -0
- package/lib/aws/cloudwatch/metric-types.js +151 -0
- package/lib/aws/cloudwatch/metric.d.ts +492 -0
- package/lib/aws/cloudwatch/metric.js +493 -0
- package/lib/aws/cloudwatch/pattern.d.ts +195 -0
- package/lib/aws/cloudwatch/pattern.js +412 -0
- package/lib/aws/cloudwatch/policy.d.ts +43 -0
- package/lib/aws/cloudwatch/policy.js +50 -0
- package/lib/aws/cloudwatch/private/drop-empty-object-at-the-end-of-an-array-token.d.ts +14 -0
- package/lib/aws/cloudwatch/private/drop-empty-object-at-the-end-of-an-array-token.js +37 -0
- package/lib/aws/cloudwatch/private/env-tokens.d.ts +8 -0
- package/lib/aws/cloudwatch/private/env-tokens.js +48 -0
- package/lib/aws/cloudwatch/private/metric-util.d.ts +60 -0
- package/lib/aws/cloudwatch/private/metric-util.js +132 -0
- package/lib/aws/cloudwatch/private/object.d.ts +1 -0
- package/lib/aws/cloudwatch/private/object.js +18 -0
- package/lib/aws/cloudwatch/private/rendering.d.ts +60 -0
- package/lib/aws/cloudwatch/private/rendering.js +181 -0
- package/lib/aws/cloudwatch/private/statistic.d.ts +51 -0
- package/lib/aws/cloudwatch/private/statistic.js +176 -0
- package/lib/aws/cloudwatch/query-definition.d.ts +150 -0
- package/lib/aws/cloudwatch/query-definition.js +114 -0
- package/lib/aws/cloudwatch/stats.d.ts +150 -0
- package/lib/aws/cloudwatch/stats.js +207 -0
- package/lib/aws/cloudwatch/subscription-filter.d.ts +75 -0
- package/lib/aws/cloudwatch/subscription-filter.js +51 -0
- package/lib/aws/cloudwatch/text.d.ts +52 -0
- package/lib/aws/cloudwatch/text.js +53 -0
- package/lib/aws/cloudwatch/variable.d.ts +156 -0
- package/lib/aws/cloudwatch/variable.js +156 -0
- package/lib/aws/cloudwatch/widget.d.ts +62 -0
- package/lib/aws/cloudwatch/widget.js +45 -0
- package/lib/aws/compute/activity.d.ts +81 -0
- package/lib/aws/compute/activity.js +132 -0
- package/lib/aws/compute/architecture.d.ts +33 -0
- package/lib/aws/compute/architecture.js +42 -0
- package/lib/aws/compute/chain.d.ts +52 -0
- package/lib/aws/compute/chain.js +68 -0
- package/lib/aws/compute/condition.d.ts +202 -0
- package/lib/aws/compute/condition.js +409 -0
- package/lib/aws/compute/event-invoke-config.d.ts +74 -0
- package/lib/aws/compute/event-invoke-config.js +63 -0
- package/lib/aws/compute/event-source-filter.d.ts +64 -0
- package/lib/aws/compute/event-source-filter.js +86 -0
- package/lib/aws/compute/event-source-mapping.d.ts +310 -0
- package/lib/aws/compute/event-source-mapping.js +267 -0
- package/lib/aws/compute/event-sources/index.d.ts +4 -0
- package/lib/aws/compute/event-sources/index.js +28 -0
- package/lib/aws/compute/event-sources/s3-onfailure-destination.d.ts +13 -0
- package/lib/aws/compute/event-sources/s3-onfailure-destination.js +26 -0
- package/lib/aws/compute/event-sources/s3.d.ts +24 -0
- package/lib/aws/compute/event-sources/s3.js +25 -0
- package/lib/aws/compute/event-sources/sqs-dlq.d.ts +13 -0
- package/lib/aws/compute/event-sources/sqs-dlq.js +26 -0
- package/lib/aws/compute/event-sources/sqs.d.ts +75 -0
- package/lib/aws/compute/event-sources/sqs.js +84 -0
- package/lib/aws/compute/fields.d.ts +367 -0
- package/lib/aws/compute/fields.js +546 -0
- package/lib/aws/compute/function-alias.d.ts +148 -0
- package/lib/aws/compute/function-alias.js +176 -0
- package/lib/aws/compute/function-base.d.ts +314 -0
- package/lib/aws/compute/function-base.js +421 -0
- package/lib/aws/compute/function-destination.d.ts +42 -0
- package/lib/aws/compute/function-destination.js +18 -0
- package/lib/aws/compute/function-destinations/event-bridge.d.ts +19 -0
- package/lib/aws/compute/function-destinations/event-bridge.js +46 -0
- package/lib/aws/compute/function-destinations/function.d.ts +34 -0
- package/lib/aws/compute/function-destinations/function.js +55 -0
- package/lib/aws/compute/function-destinations/index.d.ts +3 -0
- package/lib/aws/compute/function-destinations/index.js +22 -0
- package/lib/aws/compute/function-destinations/sqs.d.ts +14 -0
- package/lib/aws/compute/function-destinations/sqs.js +27 -0
- package/lib/aws/compute/function-nodejs.d.ts +55 -0
- package/lib/aws/compute/function-nodejs.js +70 -0
- package/lib/aws/compute/function-permission.d.ts +83 -0
- package/lib/aws/compute/function-permission.js +3 -0
- package/lib/aws/compute/function-url.d.ts +210 -0
- package/lib/aws/compute/function-url.js +148 -0
- package/lib/aws/compute/function-vpc-config.generated.d.ts +36 -0
- package/lib/aws/compute/function-vpc-config.generated.js +3 -0
- package/lib/aws/compute/function.d.ts +492 -0
- package/lib/aws/compute/function.js +692 -0
- package/lib/aws/compute/index.d.ts +42 -0
- package/lib/aws/compute/index.js +64 -0
- package/lib/aws/compute/private/intrinstics.d.ts +86 -0
- package/lib/aws/compute/private/intrinstics.js +220 -0
- package/lib/aws/compute/private/json-path.d.ts +57 -0
- package/lib/aws/compute/private/json-path.js +351 -0
- package/lib/aws/compute/private/util.d.ts +1 -0
- package/lib/aws/compute/private/util.js +38 -0
- package/lib/aws/compute/state-graph.d.ts +100 -0
- package/lib/aws/compute/state-graph.js +177 -0
- package/lib/aws/compute/state-machine-fragment.d.ts +61 -0
- package/lib/aws/compute/state-machine-fragment.js +56 -0
- package/lib/aws/compute/state-machine.d.ts +323 -0
- package/lib/aws/compute/state-machine.js +392 -0
- package/lib/aws/compute/states/choice.d.ts +94 -0
- package/lib/aws/compute/states/choice.js +81 -0
- package/lib/aws/compute/states/custom-state.d.ts +55 -0
- package/lib/aws/compute/states/custom-state.js +114 -0
- package/lib/aws/compute/states/distributed-map/item-batcher.d.ts +64 -0
- package/lib/aws/compute/states/distributed-map/item-batcher.js +58 -0
- package/lib/aws/compute/states/distributed-map/item-reader.d.ts +256 -0
- package/lib/aws/compute/states/distributed-map/item-reader.js +253 -0
- package/lib/aws/compute/states/distributed-map/result-writer.d.ts +41 -0
- package/lib/aws/compute/states/distributed-map/result-writer.js +66 -0
- package/lib/aws/compute/states/distributed-map.d.ts +153 -0
- package/lib/aws/compute/states/distributed-map.js +207 -0
- package/lib/aws/compute/states/fail.d.ts +74 -0
- package/lib/aws/compute/states/fail.js +83 -0
- package/lib/aws/compute/states/map-base.d.ts +145 -0
- package/lib/aws/compute/states/map-base.js +109 -0
- package/lib/aws/compute/states/map.d.ts +76 -0
- package/lib/aws/compute/states/map.js +110 -0
- package/lib/aws/compute/states/parallel.d.ts +113 -0
- package/lib/aws/compute/states/parallel.js +100 -0
- package/lib/aws/compute/states/pass.d.ts +122 -0
- package/lib/aws/compute/states/pass.js +99 -0
- package/lib/aws/compute/states/private/state-type.d.ts +13 -0
- package/lib/aws/compute/states/private/state-type.js +19 -0
- package/lib/aws/compute/states/state.d.ts +276 -0
- package/lib/aws/compute/states/state.js +482 -0
- package/lib/aws/compute/states/succeed.d.ts +51 -0
- package/lib/aws/compute/states/succeed.js +32 -0
- package/lib/aws/compute/states/task-base.d.ts +225 -0
- package/lib/aws/compute/states/task-base.js +160 -0
- package/lib/aws/compute/states/task.d.ts +127 -0
- package/lib/aws/compute/states/task.js +92 -0
- package/lib/aws/compute/states/wait.d.ts +78 -0
- package/lib/aws/compute/states/wait.js +90 -0
- package/lib/aws/compute/step-functions-task.d.ts +78 -0
- package/lib/aws/compute/step-functions-task.js +27 -0
- package/lib/aws/compute/task-credentials.d.ts +45 -0
- package/lib/aws/compute/task-credentials.js +52 -0
- package/lib/aws/compute/task-input.d.ts +86 -0
- package/lib/aws/compute/task-input.js +107 -0
- package/lib/aws/compute/tasks/aws-sdk/call-aws-service.d.ts +73 -0
- package/lib/aws/compute/tasks/aws-sdk/call-aws-service.js +69 -0
- package/lib/aws/compute/tasks/eventbridge/put-events.d.ts +74 -0
- package/lib/aws/compute/tasks/eventbridge/put-events.js +94 -0
- package/lib/aws/compute/tasks/http/invoke.d.ts +104 -0
- package/lib/aws/compute/tasks/http/invoke.js +117 -0
- package/lib/aws/compute/tasks/index.d.ts +7 -0
- package/lib/aws/compute/tasks/index.js +42 -0
- package/lib/aws/compute/tasks/lambda/invoke.d.ts +106 -0
- package/lib/aws/compute/tasks/lambda/invoke.js +125 -0
- package/lib/aws/compute/tasks/private/task-utils.d.ts +8 -0
- package/lib/aws/compute/tasks/private/task-utils.js +36 -0
- package/lib/aws/compute/tasks/resource-arn-suffix.d.ts +3 -0
- package/lib/aws/compute/tasks/resource-arn-suffix.js +25 -0
- package/lib/aws/compute/tasks/sqs/send-message.d.ts +62 -0
- package/lib/aws/compute/tasks/sqs/send-message.js +70 -0
- package/lib/aws/compute/tasks/stepfunctions/invoke-activity.d.ts +36 -0
- package/lib/aws/compute/tasks/stepfunctions/invoke-activity.js +45 -0
- package/lib/aws/compute/tasks/stepfunctions/start-execution.d.ts +63 -0
- package/lib/aws/compute/tasks/stepfunctions/start-execution.js +123 -0
- package/lib/aws/compute/types.d.ts +214 -0
- package/lib/aws/compute/types.js +103 -0
- package/lib/aws/compute/util.d.ts +12 -0
- package/lib/aws/compute/util.js +29 -0
- package/lib/aws/edge/certificate.d.ts +144 -0
- package/lib/aws/edge/certificate.js +191 -0
- package/lib/aws/edge/distribution.d.ts +505 -0
- package/lib/aws/edge/distribution.js +444 -0
- package/lib/aws/edge/dns-alias-record-targets.d.ts +29 -0
- package/lib/aws/edge/dns-alias-record-targets.js +46 -0
- package/lib/aws/edge/dns-record.d.ts +536 -0
- package/lib/aws/edge/dns-record.js +532 -0
- package/lib/aws/edge/dns-zone.d.ts +169 -0
- package/lib/aws/edge/dns-zone.js +149 -0
- package/lib/aws/edge/function.d.ts +185 -0
- package/lib/aws/edge/function.js +141 -0
- package/lib/aws/edge/index.d.ts +8 -0
- package/lib/aws/edge/index.js +25 -0
- package/lib/aws/edge/key-value-store.d.ts +162 -0
- package/lib/aws/edge/key-value-store.js +163 -0
- package/lib/aws/edge/origin.d.ts +160 -0
- package/lib/aws/edge/origin.js +245 -0
- package/lib/aws/encryption/alias.d.ts +137 -0
- package/lib/aws/encryption/alias.js +216 -0
- package/lib/aws/encryption/index.d.ts +4 -0
- package/lib/aws/encryption/index.js +21 -0
- package/lib/aws/encryption/key-lookup.d.ts +11 -0
- package/lib/aws/encryption/key-lookup.js +4 -0
- package/lib/aws/encryption/key.d.ts +461 -0
- package/lib/aws/encryption/key.js +586 -0
- package/lib/aws/encryption/private/perms.d.ts +5 -0
- package/lib/aws/encryption/private/perms.js +30 -0
- package/lib/aws/encryption/via-service-principal.d.ts +11 -0
- package/lib/aws/encryption/via-service-principal.js +39 -0
- package/lib/aws/iam/grant.d.ts +221 -0
- package/lib/aws/iam/grant.js +239 -0
- package/lib/aws/iam/identity-base.d.ts +20 -0
- package/lib/aws/iam/identity-base.js +3 -0
- package/lib/aws/iam/index.d.ts +16 -0
- package/lib/aws/iam/index.js +34 -0
- package/lib/aws/iam/managed-policy.d.ts +227 -0
- package/lib/aws/iam/managed-policy.js +237 -0
- package/lib/aws/iam/oidc-provider.d.ts +120 -0
- package/lib/aws/iam/oidc-provider.js +82 -0
- package/lib/aws/iam/policy-document-config.generated.d.ts +78 -0
- package/lib/aws/iam/policy-document-config.generated.js +3 -0
- package/lib/aws/iam/policy-document.d.ts +150 -0
- package/lib/aws/iam/policy-document.js +172 -0
- package/lib/aws/iam/policy-statement-props.generated.d.ts +55 -0
- package/lib/aws/iam/policy-statement-props.generated.js +3 -0
- package/lib/aws/iam/policy-statement.d.ts +451 -0
- package/lib/aws/iam/policy-statement.js +947 -0
- package/lib/aws/iam/policy.d.ts +122 -0
- package/lib/aws/iam/policy.js +192 -0
- package/lib/aws/iam/principals.d.ts +668 -0
- package/lib/aws/iam/principals.js +1032 -0
- package/lib/aws/iam/private/adapter.d.ts +21 -0
- package/lib/aws/iam/private/adapter.js +51 -0
- package/lib/aws/iam/private/assume-role-policy.d.ts +8 -0
- package/lib/aws/iam/private/assume-role-policy.js +27 -0
- package/lib/aws/iam/private/comparable-principal.d.ts +6 -0
- package/lib/aws/iam/private/comparable-principal.js +20 -0
- package/lib/aws/iam/private/immutable-role.d.ts +43 -0
- package/lib/aws/iam/private/immutable-role.js +76 -0
- package/lib/aws/iam/private/imported-role.d.ts +49 -0
- package/lib/aws/iam/private/imported-role.js +103 -0
- package/lib/aws/iam/private/merge-statements.d.ts +44 -0
- package/lib/aws/iam/private/merge-statements.js +214 -0
- package/lib/aws/iam/private/postprocess-policy-document.d.ts +15 -0
- package/lib/aws/iam/private/postprocess-policy-document.js +102 -0
- package/lib/aws/iam/private/util.d.ts +37 -0
- package/lib/aws/iam/private/util.js +87 -0
- package/lib/aws/iam/role.d.ts +425 -0
- package/lib/aws/iam/role.js +407 -0
- package/lib/aws/iam/saml-provider.d.ts +79 -0
- package/lib/aws/iam/saml-provider.js +79 -0
- package/lib/aws/iam/unknown-principal.d.ts +32 -0
- package/lib/aws/iam/unknown-principal.js +45 -0
- package/lib/aws/iam/utils.d.ts +12 -0
- package/lib/aws/iam/utils.js +41 -0
- package/lib/aws/index.d.ts +13 -0
- package/lib/aws/index.js +34 -0
- package/lib/aws/log-retention.d.ts +97 -0
- package/lib/aws/log-retention.js +103 -0
- package/lib/aws/network/index.d.ts +4 -0
- package/lib/aws/network/index.js +21 -0
- package/lib/aws/network/network.d.ts +77 -0
- package/lib/aws/network/network.js +3 -0
- package/lib/aws/network/simple-ipv4-vpc.d.ts +84 -0
- package/lib/aws/network/simple-ipv4-vpc.js +236 -0
- package/lib/aws/network/subnet-group.d.ts +42 -0
- package/lib/aws/network/subnet-group.js +72 -0
- package/lib/aws/network/subnet.d.ts +95 -0
- package/lib/aws/network/subnet.js +123 -0
- package/lib/aws/notify/archive.d.ts +77 -0
- package/lib/aws/notify/archive.js +62 -0
- package/lib/aws/notify/connection.d.ts +276 -0
- package/lib/aws/notify/connection.js +261 -0
- package/lib/aws/notify/event-bus.d.ts +298 -0
- package/lib/aws/notify/event-bus.js +326 -0
- package/lib/aws/notify/event-pattern.d.ts +220 -0
- package/lib/aws/notify/event-pattern.js +197 -0
- package/lib/aws/notify/index.d.ts +15 -0
- package/lib/aws/notify/index.js +35 -0
- package/lib/aws/notify/input.d.ts +126 -0
- package/lib/aws/notify/input.js +282 -0
- package/lib/aws/notify/kinesis-canned-metrics.generated.d.ts +68 -0
- package/lib/aws/notify/kinesis-canned-metrics.generated.js +103 -0
- package/lib/aws/notify/kinesis-fixed-canned-metrics.d.ts +195 -0
- package/lib/aws/notify/kinesis-fixed-canned-metrics.js +155 -0
- package/lib/aws/notify/kinesis-stream.d.ts +705 -0
- package/lib/aws/notify/kinesis-stream.js +541 -0
- package/lib/aws/notify/on-event-options.d.ts +54 -0
- package/lib/aws/notify/on-event-options.js +3 -0
- package/lib/aws/notify/queue-config.generated.d.ts +85 -0
- package/lib/aws/notify/queue-config.generated.js +3 -0
- package/lib/aws/notify/queue-policy.d.ts +35 -0
- package/lib/aws/notify/queue-policy.js +39 -0
- package/lib/aws/notify/queue.d.ts +355 -0
- package/lib/aws/notify/queue.js +305 -0
- package/lib/aws/notify/resource-policy.d.ts +41 -0
- package/lib/aws/notify/resource-policy.js +43 -0
- package/lib/aws/notify/rule.d.ts +153 -0
- package/lib/aws/notify/rule.js +227 -0
- package/lib/aws/notify/schedule.d.ts +83 -0
- package/lib/aws/notify/schedule.js +116 -0
- package/lib/aws/notify/target.d.ts +102 -0
- package/lib/aws/notify/target.js +3 -0
- package/lib/aws/notify/targets/event-bus.d.ts +39 -0
- package/lib/aws/notify/targets/event-bus.js +40 -0
- package/lib/aws/notify/targets/function.d.ts +31 -0
- package/lib/aws/notify/targets/function.js +36 -0
- package/lib/aws/notify/targets/index.d.ts +6 -0
- package/lib/aws/notify/targets/index.js +37 -0
- package/lib/aws/notify/targets/log-group.d.ts +89 -0
- package/lib/aws/notify/targets/log-group.js +110 -0
- package/lib/aws/notify/targets/sqs.d.ts +45 -0
- package/lib/aws/notify/targets/sqs.js +73 -0
- package/lib/aws/notify/targets/state-machine.d.ts +36 -0
- package/lib/aws/notify/targets/state-machine.js +39 -0
- package/lib/aws/notify/targets/util.d.ts +71 -0
- package/lib/aws/notify/targets/util.js +130 -0
- package/lib/aws/notify/util.d.ts +13 -0
- package/lib/aws/notify/util.js +69 -0
- package/lib/aws/provider-config.generated.d.ts +220 -0
- package/lib/aws/provider-config.generated.js +3 -0
- package/lib/aws/storage/bucket-destination.d.ts +41 -0
- package/lib/aws/storage/bucket-destination.js +13 -0
- package/lib/aws/storage/bucket-notifications.d.ts +58 -0
- package/lib/aws/storage/bucket-notifications.js +169 -0
- package/lib/aws/storage/bucket-perms.d.ts +9 -0
- package/lib/aws/storage/bucket-perms.js +33 -0
- package/lib/aws/storage/bucket-policy.d.ts +51 -0
- package/lib/aws/storage/bucket-policy.js +53 -0
- package/lib/aws/storage/bucket-source.d.ts +41 -0
- package/lib/aws/storage/bucket-source.js +79 -0
- package/lib/aws/storage/bucket.d.ts +941 -0
- package/lib/aws/storage/bucket.js +869 -0
- package/lib/aws/storage/cors-config.generated.d.ts +57 -0
- package/lib/aws/storage/cors-config.generated.js +3 -0
- package/lib/aws/storage/cors-rule-config.generated.d.ts +38 -0
- package/lib/aws/storage/cors-rule-config.generated.js +3 -0
- package/lib/aws/storage/index.d.ts +12 -0
- package/lib/aws/storage/index.js +31 -0
- package/lib/aws/storage/lifecycle-config.generated.d.ts +55 -0
- package/lib/aws/storage/lifecycle-config.generated.js +3 -0
- package/lib/aws/storage/notification-targets/function.d.ts +11 -0
- package/lib/aws/storage/notification-targets/function.js +48 -0
- package/lib/aws/storage/notification-targets/index.d.ts +2 -0
- package/lib/aws/storage/notification-targets/index.js +21 -0
- package/lib/aws/storage/notification-targets/queue.d.ts +15 -0
- package/lib/aws/storage/notification-targets/queue.js +58 -0
- package/lib/aws/storage/origin-access-identity.d.ts +91 -0
- package/lib/aws/storage/origin-access-identity.js +76 -0
- package/lib/aws/storage/util.d.ts +40 -0
- package/lib/aws/storage/util.js +85 -0
- package/lib/aws/storage/website-config.generated.d.ts +73 -0
- package/lib/aws/storage/website-config.generated.js +3 -0
- package/lib/aws/util.d.ts +4 -0
- package/lib/aws/util.js +25 -0
- package/lib/construct-base.d.ts +69 -0
- package/lib/construct-base.js +89 -0
- package/lib/duration.d.ts +160 -0
- package/lib/duration.js +327 -0
- package/lib/index.d.ts +5 -0
- package/lib/index.js +24 -0
- package/lib/private/index.d.ts +2 -0
- package/lib/private/index.js +19 -0
- package/lib/private/terraform-dependables-aspect.d.ts +20 -0
- package/lib/private/terraform-dependables-aspect.js +95 -0
- package/lib/private/unique-resource-name.d.ts +9 -0
- package/lib/private/unique-resource-name.js +145 -0
- package/lib/size.d.ts +146 -0
- package/lib/size.js +220 -0
- package/lib/stack-base.d.ts +188 -0
- package/lib/stack-base.js +183 -0
- package/lib/token.d.ts +32 -0
- package/lib/token.js +54 -0
- package/node_modules/camel-case/LICENSE +21 -0
- package/node_modules/camel-case/README.md +47 -0
- package/node_modules/camel-case/dist/index.d.ts +5 -0
- package/node_modules/camel-case/dist/index.js +23 -0
- package/node_modules/camel-case/dist/index.js.map +1 -0
- package/node_modules/camel-case/dist/index.spec.d.ts +1 -0
- package/node_modules/camel-case/dist/index.spec.js +26 -0
- package/node_modules/camel-case/dist/index.spec.js.map +1 -0
- package/node_modules/camel-case/dist.es2015/index.d.ts +5 -0
- package/node_modules/camel-case/dist.es2015/index.js +17 -0
- package/node_modules/camel-case/dist.es2015/index.js.map +1 -0
- package/node_modules/camel-case/dist.es2015/index.spec.d.ts +1 -0
- package/node_modules/camel-case/dist.es2015/index.spec.js +24 -0
- package/node_modules/camel-case/dist.es2015/index.spec.js.map +1 -0
- package/node_modules/camel-case/package.json +89 -0
- package/node_modules/capital-case/LICENSE +21 -0
- package/node_modules/capital-case/README.md +37 -0
- package/node_modules/capital-case/dist/index.d.ts +4 -0
- package/node_modules/capital-case/dist/index.js +16 -0
- package/node_modules/capital-case/dist/index.js.map +1 -0
- package/node_modules/capital-case/dist/index.spec.d.ts +1 -0
- package/node_modules/capital-case/dist/index.spec.js +24 -0
- package/node_modules/capital-case/dist/index.spec.js.map +1 -0
- package/node_modules/capital-case/dist.es2015/index.d.ts +4 -0
- package/node_modules/capital-case/dist.es2015/index.js +11 -0
- package/node_modules/capital-case/dist.es2015/index.js.map +1 -0
- package/node_modules/capital-case/dist.es2015/index.spec.d.ts +1 -0
- package/node_modules/capital-case/dist.es2015/index.spec.js +22 -0
- package/node_modules/capital-case/dist.es2015/index.spec.js.map +1 -0
- package/node_modules/capital-case/package.json +90 -0
- package/node_modules/change-case/LICENSE +21 -0
- package/node_modules/change-case/README.md +44 -0
- package/node_modules/change-case/dist/index.d.ts +11 -0
- package/node_modules/change-case/dist/index.js +15 -0
- package/node_modules/change-case/dist/index.js.map +1 -0
- package/node_modules/change-case/dist/index.spec.d.ts +1 -0
- package/node_modules/change-case/dist/index.spec.js +9 -0
- package/node_modules/change-case/dist/index.spec.js.map +1 -0
- package/node_modules/change-case/dist.es2015/index.d.ts +11 -0
- package/node_modules/change-case/dist.es2015/index.js +12 -0
- package/node_modules/change-case/dist.es2015/index.js.map +1 -0
- package/node_modules/change-case/dist.es2015/index.spec.d.ts +1 -0
- package/node_modules/change-case/dist.es2015/index.spec.js +7 -0
- package/node_modules/change-case/dist.es2015/index.spec.js.map +1 -0
- package/node_modules/change-case/package.json +101 -0
- package/node_modules/constant-case/LICENSE +21 -0
- package/node_modules/constant-case/README.md +37 -0
- package/node_modules/constant-case/dist/index.d.ts +3 -0
- package/node_modules/constant-case/dist/index.js +12 -0
- package/node_modules/constant-case/dist/index.js.map +1 -0
- package/node_modules/constant-case/dist/index.spec.d.ts +1 -0
- package/node_modules/constant-case/dist/index.spec.js +26 -0
- package/node_modules/constant-case/dist/index.spec.js.map +1 -0
- package/node_modules/constant-case/dist.es2015/index.d.ts +3 -0
- package/node_modules/constant-case/dist.es2015/index.js +8 -0
- package/node_modules/constant-case/dist.es2015/index.js.map +1 -0
- package/node_modules/constant-case/dist.es2015/index.spec.d.ts +1 -0
- package/node_modules/constant-case/dist.es2015/index.spec.js +24 -0
- package/node_modules/constant-case/dist.es2015/index.spec.js.map +1 -0
- package/node_modules/constant-case/package.json +90 -0
- package/node_modules/dot-case/LICENSE +21 -0
- package/node_modules/dot-case/README.md +37 -0
- package/node_modules/dot-case/dist/index.d.ts +3 -0
- package/node_modules/dot-case/dist/index.js +11 -0
- package/node_modules/dot-case/dist/index.js.map +1 -0
- package/node_modules/dot-case/dist/index.spec.d.ts +1 -0
- package/node_modules/dot-case/dist/index.spec.js +26 -0
- package/node_modules/dot-case/dist/index.spec.js.map +1 -0
- package/node_modules/dot-case/dist.es2015/index.d.ts +3 -0
- package/node_modules/dot-case/dist.es2015/index.js +7 -0
- package/node_modules/dot-case/dist.es2015/index.js.map +1 -0
- package/node_modules/dot-case/dist.es2015/index.spec.d.ts +1 -0
- package/node_modules/dot-case/dist.es2015/index.spec.js +24 -0
- package/node_modules/dot-case/dist.es2015/index.spec.js.map +1 -0
- package/node_modules/dot-case/package.json +89 -0
- package/node_modules/esbuild-wasm/LICENSE.md +21 -0
- package/node_modules/esbuild-wasm/README.md +3 -0
- package/node_modules/esbuild-wasm/bin/esbuild +91 -0
- package/node_modules/esbuild-wasm/esbuild.wasm +0 -0
- package/node_modules/esbuild-wasm/esm/browser.d.ts +705 -0
- package/node_modules/esbuild-wasm/esm/browser.js +2370 -0
- package/node_modules/esbuild-wasm/esm/browser.min.js +20 -0
- package/node_modules/esbuild-wasm/lib/browser.d.ts +705 -0
- package/node_modules/esbuild-wasm/lib/browser.js +2415 -0
- package/node_modules/esbuild-wasm/lib/browser.min.js +22 -0
- package/node_modules/esbuild-wasm/lib/main.d.ts +705 -0
- package/node_modules/esbuild-wasm/lib/main.js +2051 -0
- package/node_modules/esbuild-wasm/package.json +19 -0
- package/node_modules/esbuild-wasm/wasm_exec.js +561 -0
- package/node_modules/esbuild-wasm/wasm_exec_node.js +39 -0
- package/node_modules/header-case/LICENSE +21 -0
- package/node_modules/header-case/README.md +37 -0
- package/node_modules/header-case/dist/index.d.ts +3 -0
- package/node_modules/header-case/dist/index.js +11 -0
- package/node_modules/header-case/dist/index.js.map +1 -0
- package/node_modules/header-case/dist/index.spec.d.ts +1 -0
- package/node_modules/header-case/dist/index.spec.js +24 -0
- package/node_modules/header-case/dist/index.spec.js.map +1 -0
- package/node_modules/header-case/dist.es2015/index.d.ts +3 -0
- package/node_modules/header-case/dist.es2015/index.js +7 -0
- package/node_modules/header-case/dist.es2015/index.js.map +1 -0
- package/node_modules/header-case/dist.es2015/index.spec.d.ts +1 -0
- package/node_modules/header-case/dist.es2015/index.spec.js +22 -0
- package/node_modules/header-case/dist.es2015/index.spec.js.map +1 -0
- package/node_modules/header-case/package.json +89 -0
- package/node_modules/lower-case/LICENSE +21 -0
- package/node_modules/lower-case/README.md +35 -0
- package/node_modules/lower-case/dist/index.d.ts +8 -0
- package/node_modules/lower-case/dist/index.js +53 -0
- package/node_modules/lower-case/dist/index.js.map +1 -0
- package/node_modules/lower-case/dist/index.spec.d.ts +1 -0
- package/node_modules/lower-case/dist/index.spec.js +36 -0
- package/node_modules/lower-case/dist/index.spec.js.map +1 -0
- package/node_modules/lower-case/dist.es2015/index.d.ts +8 -0
- package/node_modules/lower-case/dist.es2015/index.js +48 -0
- package/node_modules/lower-case/dist.es2015/index.js.map +1 -0
- package/node_modules/lower-case/dist.es2015/index.spec.d.ts +1 -0
- package/node_modules/lower-case/dist.es2015/index.spec.js +34 -0
- package/node_modules/lower-case/dist.es2015/index.spec.js.map +1 -0
- package/node_modules/lower-case/package.json +87 -0
- package/node_modules/mime-db/HISTORY.md +507 -0
- package/node_modules/mime-db/LICENSE +23 -0
- package/node_modules/mime-db/README.md +100 -0
- package/node_modules/mime-db/db.json +8519 -0
- package/node_modules/mime-db/index.js +12 -0
- package/node_modules/mime-db/package.json +60 -0
- package/node_modules/mime-types/HISTORY.md +397 -0
- package/node_modules/mime-types/LICENSE +23 -0
- package/node_modules/mime-types/README.md +113 -0
- package/node_modules/mime-types/index.js +188 -0
- package/node_modules/mime-types/package.json +44 -0
- package/node_modules/no-case/LICENSE +21 -0
- package/node_modules/no-case/README.md +37 -0
- package/node_modules/no-case/dist/index.d.ts +10 -0
- package/node_modules/no-case/dist/index.js +35 -0
- package/node_modules/no-case/dist/index.js.map +1 -0
- package/node_modules/no-case/dist/index.spec.d.ts +1 -0
- package/node_modules/no-case/dist/index.spec.js +59 -0
- package/node_modules/no-case/dist/index.spec.js.map +1 -0
- package/node_modules/no-case/dist.es2015/index.d.ts +10 -0
- package/node_modules/no-case/dist.es2015/index.js +31 -0
- package/node_modules/no-case/dist.es2015/index.js.map +1 -0
- package/node_modules/no-case/dist.es2015/index.spec.d.ts +1 -0
- package/node_modules/no-case/dist.es2015/index.spec.js +57 -0
- package/node_modules/no-case/dist.es2015/index.spec.js.map +1 -0
- package/node_modules/no-case/package.json +85 -0
- package/node_modules/param-case/LICENSE +21 -0
- package/node_modules/param-case/README.md +37 -0
- package/node_modules/param-case/dist/index.d.ts +3 -0
- package/node_modules/param-case/dist/index.js +11 -0
- package/node_modules/param-case/dist/index.js.map +1 -0
- package/node_modules/param-case/dist/index.spec.d.ts +1 -0
- package/node_modules/param-case/dist/index.spec.js +24 -0
- package/node_modules/param-case/dist/index.spec.js.map +1 -0
- package/node_modules/param-case/dist.es2015/index.d.ts +3 -0
- package/node_modules/param-case/dist.es2015/index.js +7 -0
- package/node_modules/param-case/dist.es2015/index.js.map +1 -0
- package/node_modules/param-case/dist.es2015/index.spec.d.ts +1 -0
- package/node_modules/param-case/dist.es2015/index.spec.js +22 -0
- package/node_modules/param-case/dist.es2015/index.spec.js.map +1 -0
- package/node_modules/param-case/package.json +91 -0
- package/node_modules/pascal-case/LICENSE +21 -0
- package/node_modules/pascal-case/README.md +47 -0
- package/node_modules/pascal-case/dist/index.d.ts +5 -0
- package/node_modules/pascal-case/dist/index.js +24 -0
- package/node_modules/pascal-case/dist/index.js.map +1 -0
- package/node_modules/pascal-case/dist/index.spec.d.ts +1 -0
- package/node_modules/pascal-case/dist/index.spec.js +25 -0
- package/node_modules/pascal-case/dist/index.spec.js.map +1 -0
- package/node_modules/pascal-case/dist.es2015/index.d.ts +5 -0
- package/node_modules/pascal-case/dist.es2015/index.js +18 -0
- package/node_modules/pascal-case/dist.es2015/index.js.map +1 -0
- package/node_modules/pascal-case/dist.es2015/index.spec.d.ts +1 -0
- package/node_modules/pascal-case/dist.es2015/index.spec.js +23 -0
- package/node_modules/pascal-case/dist.es2015/index.spec.js.map +1 -0
- package/node_modules/pascal-case/package.json +90 -0
- package/node_modules/path-case/LICENSE +21 -0
- package/node_modules/path-case/README.md +37 -0
- package/node_modules/path-case/dist/index.d.ts +3 -0
- package/node_modules/path-case/dist/index.js +11 -0
- package/node_modules/path-case/dist/index.js.map +1 -0
- package/node_modules/path-case/dist/index.spec.d.ts +1 -0
- package/node_modules/path-case/dist/index.spec.js +24 -0
- package/node_modules/path-case/dist/index.spec.js.map +1 -0
- package/node_modules/path-case/dist.es2015/index.d.ts +3 -0
- package/node_modules/path-case/dist.es2015/index.js +7 -0
- package/node_modules/path-case/dist.es2015/index.js.map +1 -0
- package/node_modules/path-case/dist.es2015/index.spec.d.ts +1 -0
- package/node_modules/path-case/dist.es2015/index.spec.js +22 -0
- package/node_modules/path-case/dist.es2015/index.spec.js.map +1 -0
- package/node_modules/path-case/package.json +88 -0
- package/node_modules/sentence-case/LICENSE +21 -0
- package/node_modules/sentence-case/README.md +37 -0
- package/node_modules/sentence-case/dist/index.d.ts +4 -0
- package/node_modules/sentence-case/dist/index.js +19 -0
- package/node_modules/sentence-case/dist/index.js.map +1 -0
- package/node_modules/sentence-case/dist/index.spec.d.ts +1 -0
- package/node_modules/sentence-case/dist/index.spec.js +24 -0
- package/node_modules/sentence-case/dist/index.spec.js.map +1 -0
- package/node_modules/sentence-case/dist.es2015/index.d.ts +4 -0
- package/node_modules/sentence-case/dist.es2015/index.js +14 -0
- package/node_modules/sentence-case/dist.es2015/index.js.map +1 -0
- package/node_modules/sentence-case/dist.es2015/index.spec.d.ts +1 -0
- package/node_modules/sentence-case/dist.es2015/index.spec.js +22 -0
- package/node_modules/sentence-case/dist.es2015/index.spec.js.map +1 -0
- package/node_modules/sentence-case/package.json +89 -0
- package/node_modules/snake-case/LICENSE +21 -0
- package/node_modules/snake-case/README.md +37 -0
- package/node_modules/snake-case/dist/index.d.ts +3 -0
- package/node_modules/snake-case/dist/index.js +11 -0
- package/node_modules/snake-case/dist/index.js.map +1 -0
- package/node_modules/snake-case/dist/index.spec.d.ts +1 -0
- package/node_modules/snake-case/dist/index.spec.js +25 -0
- package/node_modules/snake-case/dist/index.spec.js.map +1 -0
- package/node_modules/snake-case/dist.es2015/index.d.ts +3 -0
- package/node_modules/snake-case/dist.es2015/index.js +7 -0
- package/node_modules/snake-case/dist.es2015/index.js.map +1 -0
- package/node_modules/snake-case/dist.es2015/index.spec.d.ts +1 -0
- package/node_modules/snake-case/dist.es2015/index.spec.js +23 -0
- package/node_modules/snake-case/dist.es2015/index.spec.js.map +1 -0
- package/node_modules/snake-case/package.json +90 -0
- package/node_modules/tslib/CopyrightNotice.txt +15 -0
- package/node_modules/tslib/LICENSE.txt +12 -0
- package/node_modules/tslib/README.md +164 -0
- package/node_modules/tslib/SECURITY.md +41 -0
- package/node_modules/tslib/modules/index.d.ts +37 -0
- package/node_modules/tslib/modules/index.js +68 -0
- package/node_modules/tslib/modules/package.json +3 -0
- package/node_modules/tslib/package.json +47 -0
- package/node_modules/tslib/tslib.d.ts +453 -0
- package/node_modules/tslib/tslib.es6.html +1 -0
- package/node_modules/tslib/tslib.es6.js +374 -0
- package/node_modules/tslib/tslib.es6.mjs +373 -0
- package/node_modules/tslib/tslib.html +1 -0
- package/node_modules/tslib/tslib.js +424 -0
- package/node_modules/upper-case/README.md +34 -0
- package/node_modules/upper-case/dist/index.d.ts +8 -0
- package/node_modules/upper-case/dist/index.js +49 -0
- package/node_modules/upper-case/dist/index.js.map +1 -0
- package/node_modules/upper-case/dist/index.spec.d.ts +1 -0
- package/node_modules/upper-case/dist/index.spec.js +34 -0
- package/node_modules/upper-case/dist/index.spec.js.map +1 -0
- package/node_modules/upper-case/dist.es2015/index.d.ts +8 -0
- package/node_modules/upper-case/dist.es2015/index.js +44 -0
- package/node_modules/upper-case/dist.es2015/index.js.map +1 -0
- package/node_modules/upper-case/dist.es2015/index.spec.d.ts +1 -0
- package/node_modules/upper-case/dist.es2015/index.spec.js +32 -0
- package/node_modules/upper-case/dist.es2015/index.spec.js.map +1 -0
- package/node_modules/upper-case/package.json +86 -0
- package/node_modules/upper-case-first/LICENSE +21 -0
- package/node_modules/upper-case-first/README.md +32 -0
- package/node_modules/upper-case-first/dist/index.d.ts +4 -0
- package/node_modules/upper-case-first/dist/index.js +11 -0
- package/node_modules/upper-case-first/dist/index.js.map +1 -0
- package/node_modules/upper-case-first/dist/index.spec.d.ts +1 -0
- package/node_modules/upper-case-first/dist/index.spec.js +20 -0
- package/node_modules/upper-case-first/dist/index.spec.js.map +1 -0
- package/node_modules/upper-case-first/dist.es2015/index.d.ts +4 -0
- package/node_modules/upper-case-first/dist.es2015/index.js +7 -0
- package/node_modules/upper-case-first/dist.es2015/index.js.map +1 -0
- package/node_modules/upper-case-first/dist.es2015/index.spec.d.ts +1 -0
- package/node_modules/upper-case-first/dist.es2015/index.spec.js +18 -0
- package/node_modules/upper-case-first/dist.es2015/index.spec.js.map +1 -0
- package/node_modules/upper-case-first/package.json +87 -0
- package/package.json +152 -0
- package/setup.js +2 -0
|
@@ -0,0 +1,451 @@
|
|
|
1
|
+
import { dataAwsIamPolicyDocument } from "@cdktf/provider-aws";
|
|
2
|
+
import { IConstruct } from "constructs";
|
|
3
|
+
import { PolicyStatementProps } from "./policy-statement-props.generated";
|
|
4
|
+
import { ServicePrincipalOpts, IPrincipal } from "./principals";
|
|
5
|
+
export type ConditionMap = {
|
|
6
|
+
[test: string]: {
|
|
7
|
+
[variable: string]: Condition;
|
|
8
|
+
};
|
|
9
|
+
};
|
|
10
|
+
/**
|
|
11
|
+
* Represents a statement in an IAM policy document.
|
|
12
|
+
*/
|
|
13
|
+
export declare class PolicyStatement {
|
|
14
|
+
/**
|
|
15
|
+
* Creates a new Terraform PolicyStatement based on the AWS IAM Policy Statement format.
|
|
16
|
+
* This will accept an object created from the `.toStatementJson()` call
|
|
17
|
+
*
|
|
18
|
+
* @param obj the PolicyStatement in object form.
|
|
19
|
+
*/
|
|
20
|
+
static fromJson(obj: any): PolicyStatement;
|
|
21
|
+
private readonly _action;
|
|
22
|
+
private readonly _notAction;
|
|
23
|
+
private readonly _principal;
|
|
24
|
+
private readonly _notPrincipal;
|
|
25
|
+
private readonly _resource;
|
|
26
|
+
private readonly _notResource;
|
|
27
|
+
private readonly _conditionMap;
|
|
28
|
+
private _sid?;
|
|
29
|
+
private _effect;
|
|
30
|
+
private principalConditionsJson?;
|
|
31
|
+
private readonly _principals;
|
|
32
|
+
private readonly _notPrincipals;
|
|
33
|
+
private _frozen;
|
|
34
|
+
constructor(props?: PolicyStatementProps);
|
|
35
|
+
/**
|
|
36
|
+
* Statement ID for this statement
|
|
37
|
+
*/
|
|
38
|
+
get sid(): string | undefined;
|
|
39
|
+
/**
|
|
40
|
+
* Set Statement ID for this statement
|
|
41
|
+
*/
|
|
42
|
+
set sid(sid: string | undefined);
|
|
43
|
+
/**
|
|
44
|
+
* Whether to allow or deny the actions in this statement
|
|
45
|
+
*/
|
|
46
|
+
get effect(): Effect;
|
|
47
|
+
/**
|
|
48
|
+
* Set effect for this statement
|
|
49
|
+
*/
|
|
50
|
+
set effect(effect: Effect);
|
|
51
|
+
/**
|
|
52
|
+
* Specify allowed actions into the "Action" section of the policy statement.
|
|
53
|
+
*
|
|
54
|
+
* @see https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_action.html
|
|
55
|
+
*
|
|
56
|
+
* @param actions actions that will be allowed.
|
|
57
|
+
*/
|
|
58
|
+
addActions(...actions: string[]): void;
|
|
59
|
+
/**
|
|
60
|
+
* Explicitly allow all actions except the specified list of actions into the "NotAction" section
|
|
61
|
+
* of the policy document.
|
|
62
|
+
*
|
|
63
|
+
* @see https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_notaction.html
|
|
64
|
+
*
|
|
65
|
+
* @param notActions actions that will be denied. All other actions will be permitted.
|
|
66
|
+
*/
|
|
67
|
+
addNotActions(...notActions: string[]): void;
|
|
68
|
+
/**
|
|
69
|
+
* Indicates if this permission has a "Principal" section.
|
|
70
|
+
*/
|
|
71
|
+
get hasPrincipal(): boolean;
|
|
72
|
+
/**
|
|
73
|
+
* Adds principals to the "Principal" section of a policy statement.
|
|
74
|
+
*
|
|
75
|
+
* @see https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html
|
|
76
|
+
*
|
|
77
|
+
* @param principals IAM principals that will be added
|
|
78
|
+
*/
|
|
79
|
+
addPrincipals(...principals: IPrincipal[]): void;
|
|
80
|
+
/**
|
|
81
|
+
* Specify principals that is not allowed or denied access to the "NotPrincipal" section of
|
|
82
|
+
* a policy statement.
|
|
83
|
+
*
|
|
84
|
+
* @see https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_notprincipal.html
|
|
85
|
+
*
|
|
86
|
+
* @param notPrincipals IAM principals that will be denied access
|
|
87
|
+
*/
|
|
88
|
+
addNotPrincipals(...notPrincipals: IPrincipal[]): void;
|
|
89
|
+
private validatePolicyActions;
|
|
90
|
+
/**
|
|
91
|
+
* Specify AWS account ID as the principal entity to the "Principal" section of a policy statement.
|
|
92
|
+
*/
|
|
93
|
+
addAwsAccountPrincipal(accountId: string): void;
|
|
94
|
+
/**
|
|
95
|
+
* Specify a principal using the ARN identifier of the principal.
|
|
96
|
+
* You cannot specify IAM groups and instance profiles as principals.
|
|
97
|
+
*
|
|
98
|
+
* @param arn ARN identifier of AWS account, IAM user, or IAM role (i.e. arn:aws:iam::123456789012:user/user-name)
|
|
99
|
+
*/
|
|
100
|
+
addArnPrincipal(arn: string): void;
|
|
101
|
+
/**
|
|
102
|
+
* Adds a service principal to this policy statement.
|
|
103
|
+
*
|
|
104
|
+
* @param service the service name for which a service principal is requested (e.g: `s3.amazonaws.com`).
|
|
105
|
+
* @param opts options for adding the service principal (such as specifying a principal in a different region)
|
|
106
|
+
*/
|
|
107
|
+
addServicePrincipal(service: string, opts?: ServicePrincipalOpts): void;
|
|
108
|
+
/**
|
|
109
|
+
* Adds a federated identity provider such as Amazon Cognito to this policy statement.
|
|
110
|
+
*
|
|
111
|
+
* @param federated federated identity provider (i.e. 'cognito-identity.amazonaws.com')
|
|
112
|
+
* @param conditions The conditions under which the policy is in effect.
|
|
113
|
+
* See [the IAM documentation](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html).
|
|
114
|
+
*/
|
|
115
|
+
addFederatedPrincipal(federated: any, conditions: Conditions): void;
|
|
116
|
+
/**
|
|
117
|
+
* Adds an AWS account root user principal to this policy statement
|
|
118
|
+
*/
|
|
119
|
+
addAccountRootPrincipal(): void;
|
|
120
|
+
/**
|
|
121
|
+
* Adds a canonical user ID principal to this policy document
|
|
122
|
+
*
|
|
123
|
+
* @param canonicalUserId unique identifier assigned by AWS for every account
|
|
124
|
+
*/
|
|
125
|
+
addCanonicalUserPrincipal(canonicalUserId: string): void;
|
|
126
|
+
/**
|
|
127
|
+
* Adds all identities in all accounts ("*") to this policy statement
|
|
128
|
+
*/
|
|
129
|
+
addAnyPrincipal(): void;
|
|
130
|
+
/**
|
|
131
|
+
* Specify resources that this policy statement applies into the "Resource" section of
|
|
132
|
+
* this policy statement.
|
|
133
|
+
*
|
|
134
|
+
* @see https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_resource.html
|
|
135
|
+
*
|
|
136
|
+
* @param arns Amazon Resource Names (ARNs) of the resources that this policy statement applies to
|
|
137
|
+
*/
|
|
138
|
+
addResources(...arns: string[]): void;
|
|
139
|
+
/**
|
|
140
|
+
* Specify resources that this policy statement will not apply to in the "NotResource" section
|
|
141
|
+
* of this policy statement. All resources except the specified list will be matched.
|
|
142
|
+
*
|
|
143
|
+
* @see https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_notresource.html
|
|
144
|
+
*
|
|
145
|
+
* @param arns Amazon Resource Names (ARNs) of the resources that this policy statement does not apply to
|
|
146
|
+
*/
|
|
147
|
+
addNotResources(...arns: string[]): void;
|
|
148
|
+
/**
|
|
149
|
+
* Adds a ``"*"`` resource to this statement.
|
|
150
|
+
*/
|
|
151
|
+
addAllResources(): void;
|
|
152
|
+
/**
|
|
153
|
+
* Indicates if this permission has at least one resource associated with it.
|
|
154
|
+
*/
|
|
155
|
+
get hasResource(): boolean;
|
|
156
|
+
/**
|
|
157
|
+
* Add a condition to the Policy
|
|
158
|
+
*
|
|
159
|
+
* If multiple calls are made to add a condition with the same test and variable, only
|
|
160
|
+
* the last one wins. For example:
|
|
161
|
+
*
|
|
162
|
+
* ```ts
|
|
163
|
+
* declare const stmt: iam.PolicyStatement;
|
|
164
|
+
*
|
|
165
|
+
* stmt.addCondition({ test: 'StringEquals', variable: 'aws:SomeField', values: ['1'] });
|
|
166
|
+
* stmt.addCondition({ test: 'StringEquals', variable: 'aws:SomeField', values: ['2'] });
|
|
167
|
+
* ```
|
|
168
|
+
*
|
|
169
|
+
* Will end up with the single condition
|
|
170
|
+
*
|
|
171
|
+
* ```ts
|
|
172
|
+
* {
|
|
173
|
+
* test: 'StringEquals',
|
|
174
|
+
* variable: 'aws:SomeField',
|
|
175
|
+
* values: ['2'],
|
|
176
|
+
* }
|
|
177
|
+
* ```.
|
|
178
|
+
*
|
|
179
|
+
* If you meant to add a condition to say that the field can be *either* `1` or `2`, write
|
|
180
|
+
* this:
|
|
181
|
+
*
|
|
182
|
+
* ```ts
|
|
183
|
+
* declare const stmt: iam.PolicyStatement;
|
|
184
|
+
*
|
|
185
|
+
* stmt.addCondition({ test: 'StringEquals', variable: 'aws:SomeField', values: ['1', '2'] });
|
|
186
|
+
* ```
|
|
187
|
+
*/
|
|
188
|
+
addCondition(condition: Condition): void;
|
|
189
|
+
/**
|
|
190
|
+
* Add a condition to the Policy
|
|
191
|
+
*
|
|
192
|
+
* If multiple calls are made to add a condition with the same operator and field, only
|
|
193
|
+
* the last one wins. For example:
|
|
194
|
+
*
|
|
195
|
+
* ```ts
|
|
196
|
+
* declare const stmt: iam.PolicyStatement;
|
|
197
|
+
*
|
|
198
|
+
* stmt.addCondition('StringEquals', { 'aws:SomeField': '1' });
|
|
199
|
+
* stmt.addCondition('StringEquals', { 'aws:SomeField': '2' });
|
|
200
|
+
* ```
|
|
201
|
+
*
|
|
202
|
+
* Will end up with the single condition `StringEquals: { 'aws:SomeField': '2' }`.
|
|
203
|
+
*
|
|
204
|
+
* If you meant to add a condition to say that the field can be *either* `1` or `2`, write
|
|
205
|
+
* this:
|
|
206
|
+
*
|
|
207
|
+
* ```ts
|
|
208
|
+
* declare const stmt: iam.PolicyStatement;
|
|
209
|
+
*
|
|
210
|
+
* stmt.addCondition('StringEquals', { 'aws:SomeField': ['1', '2'] });
|
|
211
|
+
* ```
|
|
212
|
+
*/
|
|
213
|
+
addConditionObject(key: string, value: unknown): void;
|
|
214
|
+
/**
|
|
215
|
+
* Add multiple conditions to the Policy
|
|
216
|
+
*
|
|
217
|
+
* See the `addCondition` function for a caveat on calling this method multiple times.
|
|
218
|
+
*/
|
|
219
|
+
addConditions(...conditions: Condition[]): void;
|
|
220
|
+
/**
|
|
221
|
+
* Add multiple conditionObjects to the Policy
|
|
222
|
+
*
|
|
223
|
+
* See the `addConditionObject` function for a caveat on calling this method multiple times.
|
|
224
|
+
*/
|
|
225
|
+
addConditionObjects(conditions: Record<string, unknown>): void;
|
|
226
|
+
/**
|
|
227
|
+
* Add a `StringEquals` condition that limits to a given account from `sts:ExternalId`.
|
|
228
|
+
*
|
|
229
|
+
* This method can only be called once: subsequent calls will overwrite earlier calls.
|
|
230
|
+
*
|
|
231
|
+
* @see https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html
|
|
232
|
+
*/
|
|
233
|
+
addAccountCondition(...accountIds: string[]): void;
|
|
234
|
+
/**
|
|
235
|
+
* Add an `StringEquals` condition that limits to a given account from `aws:SourceAccount`.
|
|
236
|
+
*
|
|
237
|
+
* This method can only be called once: subsequent calls will overwrite earlier calls.
|
|
238
|
+
*
|
|
239
|
+
* @see https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-sourceaccount
|
|
240
|
+
*/
|
|
241
|
+
addSourceAccountCondition(...accountIds: string[]): void;
|
|
242
|
+
/**
|
|
243
|
+
* Add an `ArnEquals` condition that limits to a given resource arn from `aws:SourceArn`.
|
|
244
|
+
*
|
|
245
|
+
* This method can only be called once: subsequent calls will overwrite earlier calls.
|
|
246
|
+
*
|
|
247
|
+
* @see https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-sourcearn
|
|
248
|
+
*/
|
|
249
|
+
addSourceArnCondition(...arns: string[]): void;
|
|
250
|
+
/**
|
|
251
|
+
* Create a new `PolicyStatement` with the same exact properties
|
|
252
|
+
* as this one, except for the overrides
|
|
253
|
+
*/
|
|
254
|
+
copy(overrides?: PolicyStatementProps): PolicyStatement;
|
|
255
|
+
/**
|
|
256
|
+
* Get AWS IAM Policy statement JSON
|
|
257
|
+
*/
|
|
258
|
+
toStatementJson(): any;
|
|
259
|
+
/**
|
|
260
|
+
* String representation of this policy statement
|
|
261
|
+
*/
|
|
262
|
+
toString(): string;
|
|
263
|
+
/**
|
|
264
|
+
* JSON-ify the statement
|
|
265
|
+
*
|
|
266
|
+
* Used when JSON.stringify() is called
|
|
267
|
+
*/
|
|
268
|
+
toJSON(): dataAwsIamPolicyDocument.DataAwsIamPolicyDocumentStatement;
|
|
269
|
+
/**
|
|
270
|
+
* Add a principal's conditions
|
|
271
|
+
*
|
|
272
|
+
* For convenience, principals have been modeled as both a principal
|
|
273
|
+
* and a set of conditions. This makes it possible to have a single
|
|
274
|
+
* object represent e.g. an "SNS Topic" (SNS service principal + aws:SourcArn
|
|
275
|
+
* condition) or an Organization member (* + aws:OrgId condition).
|
|
276
|
+
*
|
|
277
|
+
* However, when using multiple principals in the same policy statement,
|
|
278
|
+
* they must all have the same conditions or the OR samentics
|
|
279
|
+
* implied by a list of principals cannot be guaranteed (user needs to
|
|
280
|
+
* add multiple statements in that case).
|
|
281
|
+
*/
|
|
282
|
+
private addPrincipalConditions;
|
|
283
|
+
/**
|
|
284
|
+
* Validate that the policy statement satisfies base requirements for a policy.
|
|
285
|
+
*
|
|
286
|
+
* @returns An array of validation error messages, or an empty array if the statement is valid.
|
|
287
|
+
*/
|
|
288
|
+
validateForAnyPolicy(): string[];
|
|
289
|
+
/**
|
|
290
|
+
* Validate that the policy statement satisfies all requirements for a resource-based policy.
|
|
291
|
+
*
|
|
292
|
+
* @returns An array of validation error messages, or an empty array if the statement is valid.
|
|
293
|
+
*/
|
|
294
|
+
validateForResourcePolicy(): string[];
|
|
295
|
+
/**
|
|
296
|
+
* Validate that the policy statement satisfies all requirements for an identity-based policy.
|
|
297
|
+
*
|
|
298
|
+
* @returns An array of validation error messages, or an empty array if the statement is valid.
|
|
299
|
+
*/
|
|
300
|
+
validateForIdentityPolicy(): string[];
|
|
301
|
+
/**
|
|
302
|
+
* The Actions added to this statement
|
|
303
|
+
*/
|
|
304
|
+
get actions(): string[];
|
|
305
|
+
/**
|
|
306
|
+
* The NotActions added to this statement
|
|
307
|
+
*/
|
|
308
|
+
get notActions(): string[];
|
|
309
|
+
/**
|
|
310
|
+
* The Principals added to this statement
|
|
311
|
+
*/
|
|
312
|
+
get principals(): IPrincipal[];
|
|
313
|
+
/**
|
|
314
|
+
* The NotPrincipals added to this statement
|
|
315
|
+
*/
|
|
316
|
+
get notPrincipals(): IPrincipal[];
|
|
317
|
+
/**
|
|
318
|
+
* The Resources added to this statement
|
|
319
|
+
*/
|
|
320
|
+
get resources(): string[];
|
|
321
|
+
/**
|
|
322
|
+
* The NotResources added to this statement
|
|
323
|
+
*/
|
|
324
|
+
get notResources(): string[];
|
|
325
|
+
/**
|
|
326
|
+
* The conditions added to this statement
|
|
327
|
+
*/
|
|
328
|
+
get conditions(): Conditions;
|
|
329
|
+
/**
|
|
330
|
+
* Make the PolicyStatement immutable
|
|
331
|
+
*
|
|
332
|
+
* After calling this, any of the `addXxx()` methods will throw an exception.
|
|
333
|
+
*
|
|
334
|
+
* Libraries that lazily generate statement bodies can override this method to
|
|
335
|
+
* fill the actual PolicyStatement fields. Be aware that this method may be called
|
|
336
|
+
* multiple times.
|
|
337
|
+
*/
|
|
338
|
+
freeze(): PolicyStatement;
|
|
339
|
+
/**
|
|
340
|
+
* Whether the PolicyStatement has been frozen
|
|
341
|
+
*
|
|
342
|
+
* The statement object is frozen when `freeze()` is called.
|
|
343
|
+
*/
|
|
344
|
+
get frozen(): boolean;
|
|
345
|
+
/**
|
|
346
|
+
* Estimate the size of this policy statement
|
|
347
|
+
*
|
|
348
|
+
* By necessity, this will not be accurate. We'll do our best to overestimate
|
|
349
|
+
* so we won't have nasty surprises.
|
|
350
|
+
*
|
|
351
|
+
* @internal
|
|
352
|
+
*/
|
|
353
|
+
_estimateSize(options: EstimateSizeOptions): number;
|
|
354
|
+
/**
|
|
355
|
+
* Throw an exception when the object is frozen
|
|
356
|
+
*/
|
|
357
|
+
private assertNotFrozen;
|
|
358
|
+
}
|
|
359
|
+
/**
|
|
360
|
+
* The Effect element of an IAM policy
|
|
361
|
+
*
|
|
362
|
+
* @see https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_effect.html
|
|
363
|
+
*/
|
|
364
|
+
export declare enum Effect {
|
|
365
|
+
/**
|
|
366
|
+
* Allows access to a resource in an IAM policy statement. By default, access to resources are denied.
|
|
367
|
+
*/
|
|
368
|
+
ALLOW = "Allow",
|
|
369
|
+
/**
|
|
370
|
+
* Explicitly deny access to a resource. By default, all requests are denied implicitly.
|
|
371
|
+
*
|
|
372
|
+
* @see https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html
|
|
373
|
+
*/
|
|
374
|
+
DENY = "Deny"
|
|
375
|
+
}
|
|
376
|
+
/**
|
|
377
|
+
* Condition for when an IAM policy is in effect. Maps from the keys in a request's context to
|
|
378
|
+
* a string value or array of string values. See the Conditions interface for more details.
|
|
379
|
+
*/
|
|
380
|
+
export type Condition = dataAwsIamPolicyDocument.DataAwsIamPolicyDocumentStatementCondition;
|
|
381
|
+
/**
|
|
382
|
+
* Conditions for when an IAM Policy is in effect, specified in the following structure:
|
|
383
|
+
*
|
|
384
|
+
* `{ "Operator": { "keyInRequestContext": "value" } }`
|
|
385
|
+
*
|
|
386
|
+
* The value can be either a single string value or an array of string values.
|
|
387
|
+
*
|
|
388
|
+
* For more information, including which operators are supported, see [the IAM
|
|
389
|
+
* documentation](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html).
|
|
390
|
+
*/
|
|
391
|
+
export type Conditions = Array<Condition>;
|
|
392
|
+
/**
|
|
393
|
+
* Options for _estimateSize
|
|
394
|
+
*
|
|
395
|
+
* These can optionally come from context, but it's too expensive to look
|
|
396
|
+
* them up every time so we bundle them into a struct first.
|
|
397
|
+
*
|
|
398
|
+
* @internal
|
|
399
|
+
*/
|
|
400
|
+
export interface EstimateSizeOptions {
|
|
401
|
+
/**
|
|
402
|
+
* Estimated size of an unresolved ARN
|
|
403
|
+
*/
|
|
404
|
+
readonly arnEstimate: number;
|
|
405
|
+
/**
|
|
406
|
+
* Estimated size of an unresolved action
|
|
407
|
+
*/
|
|
408
|
+
readonly actionEstimate: number;
|
|
409
|
+
}
|
|
410
|
+
/**
|
|
411
|
+
* Derive the size estimation options from context
|
|
412
|
+
*
|
|
413
|
+
* @internal
|
|
414
|
+
*/
|
|
415
|
+
export declare function deriveEstimateSizeOptions(_scope: IConstruct): EstimateSizeOptions;
|
|
416
|
+
export type IamValue = string | Record<string, any> | Array<string | Record<string, any>>;
|
|
417
|
+
export declare function isStringOrArrayOfStrings(value: unknown): value is string | string[];
|
|
418
|
+
/**
|
|
419
|
+
* Convert a condition JSON object to a list of Terraform AWS Policy Statement Conditions
|
|
420
|
+
*
|
|
421
|
+
* JSON object is specified in the following structure:
|
|
422
|
+
*
|
|
423
|
+
* `{ "Operator": { "keyInRequestContext": "value" } }`
|
|
424
|
+
*
|
|
425
|
+
* The value can be either a single string value or an array of string values.
|
|
426
|
+
*
|
|
427
|
+
* For more information, including which operators are supported, see [the IAM
|
|
428
|
+
* documentation](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html).
|
|
429
|
+
* @param conditionJson The condition JSON object
|
|
430
|
+
* @returns The list of Terraform condition objects
|
|
431
|
+
*/
|
|
432
|
+
export declare function fromConditionJson(conditionJson: Record<string, unknown> | undefined): Conditions | undefined;
|
|
433
|
+
/**
|
|
434
|
+
* flatten Conditions mapped by test and variable to an array of Terraform AWS Policy Statement Conditions
|
|
435
|
+
* @param conditionMap The condition map
|
|
436
|
+
* @returns The list of Terraform condition objects
|
|
437
|
+
*/
|
|
438
|
+
export declare function toConditions(conditionMap: ConditionMap): Conditions;
|
|
439
|
+
/**
|
|
440
|
+
* Convert a list of Terraform AWS Policy Statement condition objects back to a condition JSON object
|
|
441
|
+
* @param conditions The list of Terraform condition objects
|
|
442
|
+
* @returns The condition JSON object
|
|
443
|
+
*/
|
|
444
|
+
export declare function toConditionJson(...conditions: Conditions): Record<string, any>;
|
|
445
|
+
/**
|
|
446
|
+
* Validate that the given value is a valid Json Condition object
|
|
447
|
+
*
|
|
448
|
+
* AWS CDK IAM library relies on being able to pass in a `Json` instance for
|
|
449
|
+
* a `Condition`.
|
|
450
|
+
*/
|
|
451
|
+
export declare function validateConditionObject(x: unknown): asserts x is Record<string, unknown>;
|