terraconstructs 0.0.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.envrc +5 -0
- package/.jsii +79780 -0
- package/.mise.toml +8 -0
- package/.nvmrc +1 -0
- package/.terraform-version +1 -0
- package/.terraform.d/plugin-cache/.gitignore +5 -0
- package/LICENSE +674 -0
- package/NOTICE.txt +12 -0
- package/README.md +42 -0
- package/bun.lockb +0 -0
- package/go.mod +158 -0
- package/go.sum +1206 -0
- package/lib/aws/arn.d.ts +187 -0
- package/lib/aws/arn.js +383 -0
- package/lib/aws/aws-construct.d.ts +76 -0
- package/lib/aws/aws-construct.js +38 -0
- package/lib/aws/aws-stack.d.ts +201 -0
- package/lib/aws/aws-stack.js +303 -0
- package/lib/aws/cloudwatch/actions/ec2.d.ts +35 -0
- package/lib/aws/cloudwatch/actions/ec2.js +48 -0
- package/lib/aws/cloudwatch/actions/index.d.ts +2 -0
- package/lib/aws/cloudwatch/actions/index.js +24 -0
- package/lib/aws/cloudwatch/actions/lambda.d.ts +16 -0
- package/lib/aws/cloudwatch/actions/lambda.js +48 -0
- package/lib/aws/cloudwatch/alarm-action.d.ts +23 -0
- package/lib/aws/cloudwatch/alarm-action.js +4 -0
- package/lib/aws/cloudwatch/alarm-base.d.ts +84 -0
- package/lib/aws/cloudwatch/alarm-base.js +64 -0
- package/lib/aws/cloudwatch/alarm-rule.d.ts +61 -0
- package/lib/aws/cloudwatch/alarm-rule.js +116 -0
- package/lib/aws/cloudwatch/alarm-status-widget.d.ts +77 -0
- package/lib/aws/cloudwatch/alarm-status-widget.js +62 -0
- package/lib/aws/cloudwatch/alarm.d.ts +158 -0
- package/lib/aws/cloudwatch/alarm.js +410 -0
- package/lib/aws/cloudwatch/composite-alarm.d.ts +88 -0
- package/lib/aws/cloudwatch/composite-alarm.js +98 -0
- package/lib/aws/cloudwatch/dashboard.d.ts +137 -0
- package/lib/aws/cloudwatch/dashboard.js +141 -0
- package/lib/aws/cloudwatch/data-protection-policy.d.ts +184 -0
- package/lib/aws/cloudwatch/data-protection-policy.js +246 -0
- package/lib/aws/cloudwatch/graph.d.ts +792 -0
- package/lib/aws/cloudwatch/graph.js +537 -0
- package/lib/aws/cloudwatch/index.d.ts +26 -0
- package/lib/aws/cloudwatch/index.js +49 -0
- package/lib/aws/cloudwatch/layout.d.ts +89 -0
- package/lib/aws/cloudwatch/layout.js +147 -0
- package/lib/aws/cloudwatch/log-destinations/index.d.ts +2 -0
- package/lib/aws/cloudwatch/log-destinations/index.js +20 -0
- package/lib/aws/cloudwatch/log-destinations/kinesis.d.ts +29 -0
- package/lib/aws/cloudwatch/log-destinations/kinesis.js +52 -0
- package/lib/aws/cloudwatch/log-destinations/lambda.d.ts +22 -0
- package/lib/aws/cloudwatch/log-destinations/lambda.js +46 -0
- package/lib/aws/cloudwatch/log-group.d.ts +453 -0
- package/lib/aws/cloudwatch/log-group.js +350 -0
- package/lib/aws/cloudwatch/log-query.d.ts +91 -0
- package/lib/aws/cloudwatch/log-query.js +85 -0
- package/lib/aws/cloudwatch/log-stream.d.ts +57 -0
- package/lib/aws/cloudwatch/log-stream.js +57 -0
- package/lib/aws/cloudwatch/metric-filter.d.ts +30 -0
- package/lib/aws/cloudwatch/metric-filter.js +69 -0
- package/lib/aws/cloudwatch/metric-types.d.ts +407 -0
- package/lib/aws/cloudwatch/metric-types.js +151 -0
- package/lib/aws/cloudwatch/metric.d.ts +492 -0
- package/lib/aws/cloudwatch/metric.js +493 -0
- package/lib/aws/cloudwatch/pattern.d.ts +195 -0
- package/lib/aws/cloudwatch/pattern.js +412 -0
- package/lib/aws/cloudwatch/policy.d.ts +43 -0
- package/lib/aws/cloudwatch/policy.js +50 -0
- package/lib/aws/cloudwatch/private/drop-empty-object-at-the-end-of-an-array-token.d.ts +14 -0
- package/lib/aws/cloudwatch/private/drop-empty-object-at-the-end-of-an-array-token.js +37 -0
- package/lib/aws/cloudwatch/private/env-tokens.d.ts +8 -0
- package/lib/aws/cloudwatch/private/env-tokens.js +48 -0
- package/lib/aws/cloudwatch/private/metric-util.d.ts +60 -0
- package/lib/aws/cloudwatch/private/metric-util.js +132 -0
- package/lib/aws/cloudwatch/private/object.d.ts +1 -0
- package/lib/aws/cloudwatch/private/object.js +18 -0
- package/lib/aws/cloudwatch/private/rendering.d.ts +60 -0
- package/lib/aws/cloudwatch/private/rendering.js +181 -0
- package/lib/aws/cloudwatch/private/statistic.d.ts +51 -0
- package/lib/aws/cloudwatch/private/statistic.js +176 -0
- package/lib/aws/cloudwatch/query-definition.d.ts +150 -0
- package/lib/aws/cloudwatch/query-definition.js +114 -0
- package/lib/aws/cloudwatch/stats.d.ts +150 -0
- package/lib/aws/cloudwatch/stats.js +207 -0
- package/lib/aws/cloudwatch/subscription-filter.d.ts +75 -0
- package/lib/aws/cloudwatch/subscription-filter.js +51 -0
- package/lib/aws/cloudwatch/text.d.ts +52 -0
- package/lib/aws/cloudwatch/text.js +53 -0
- package/lib/aws/cloudwatch/variable.d.ts +156 -0
- package/lib/aws/cloudwatch/variable.js +156 -0
- package/lib/aws/cloudwatch/widget.d.ts +62 -0
- package/lib/aws/cloudwatch/widget.js +45 -0
- package/lib/aws/compute/activity.d.ts +81 -0
- package/lib/aws/compute/activity.js +132 -0
- package/lib/aws/compute/architecture.d.ts +33 -0
- package/lib/aws/compute/architecture.js +42 -0
- package/lib/aws/compute/chain.d.ts +52 -0
- package/lib/aws/compute/chain.js +68 -0
- package/lib/aws/compute/condition.d.ts +202 -0
- package/lib/aws/compute/condition.js +409 -0
- package/lib/aws/compute/event-invoke-config.d.ts +74 -0
- package/lib/aws/compute/event-invoke-config.js +63 -0
- package/lib/aws/compute/event-source-filter.d.ts +64 -0
- package/lib/aws/compute/event-source-filter.js +86 -0
- package/lib/aws/compute/event-source-mapping.d.ts +310 -0
- package/lib/aws/compute/event-source-mapping.js +267 -0
- package/lib/aws/compute/event-sources/index.d.ts +4 -0
- package/lib/aws/compute/event-sources/index.js +28 -0
- package/lib/aws/compute/event-sources/s3-onfailure-destination.d.ts +13 -0
- package/lib/aws/compute/event-sources/s3-onfailure-destination.js +26 -0
- package/lib/aws/compute/event-sources/s3.d.ts +24 -0
- package/lib/aws/compute/event-sources/s3.js +25 -0
- package/lib/aws/compute/event-sources/sqs-dlq.d.ts +13 -0
- package/lib/aws/compute/event-sources/sqs-dlq.js +26 -0
- package/lib/aws/compute/event-sources/sqs.d.ts +75 -0
- package/lib/aws/compute/event-sources/sqs.js +84 -0
- package/lib/aws/compute/fields.d.ts +367 -0
- package/lib/aws/compute/fields.js +546 -0
- package/lib/aws/compute/function-alias.d.ts +148 -0
- package/lib/aws/compute/function-alias.js +176 -0
- package/lib/aws/compute/function-base.d.ts +314 -0
- package/lib/aws/compute/function-base.js +421 -0
- package/lib/aws/compute/function-destination.d.ts +42 -0
- package/lib/aws/compute/function-destination.js +18 -0
- package/lib/aws/compute/function-destinations/event-bridge.d.ts +19 -0
- package/lib/aws/compute/function-destinations/event-bridge.js +46 -0
- package/lib/aws/compute/function-destinations/function.d.ts +34 -0
- package/lib/aws/compute/function-destinations/function.js +55 -0
- package/lib/aws/compute/function-destinations/index.d.ts +3 -0
- package/lib/aws/compute/function-destinations/index.js +22 -0
- package/lib/aws/compute/function-destinations/sqs.d.ts +14 -0
- package/lib/aws/compute/function-destinations/sqs.js +27 -0
- package/lib/aws/compute/function-nodejs.d.ts +55 -0
- package/lib/aws/compute/function-nodejs.js +70 -0
- package/lib/aws/compute/function-permission.d.ts +83 -0
- package/lib/aws/compute/function-permission.js +3 -0
- package/lib/aws/compute/function-url.d.ts +210 -0
- package/lib/aws/compute/function-url.js +148 -0
- package/lib/aws/compute/function-vpc-config.generated.d.ts +36 -0
- package/lib/aws/compute/function-vpc-config.generated.js +3 -0
- package/lib/aws/compute/function.d.ts +492 -0
- package/lib/aws/compute/function.js +692 -0
- package/lib/aws/compute/index.d.ts +42 -0
- package/lib/aws/compute/index.js +64 -0
- package/lib/aws/compute/private/intrinstics.d.ts +86 -0
- package/lib/aws/compute/private/intrinstics.js +220 -0
- package/lib/aws/compute/private/json-path.d.ts +57 -0
- package/lib/aws/compute/private/json-path.js +351 -0
- package/lib/aws/compute/private/util.d.ts +1 -0
- package/lib/aws/compute/private/util.js +38 -0
- package/lib/aws/compute/state-graph.d.ts +100 -0
- package/lib/aws/compute/state-graph.js +177 -0
- package/lib/aws/compute/state-machine-fragment.d.ts +61 -0
- package/lib/aws/compute/state-machine-fragment.js +56 -0
- package/lib/aws/compute/state-machine.d.ts +323 -0
- package/lib/aws/compute/state-machine.js +392 -0
- package/lib/aws/compute/states/choice.d.ts +94 -0
- package/lib/aws/compute/states/choice.js +81 -0
- package/lib/aws/compute/states/custom-state.d.ts +55 -0
- package/lib/aws/compute/states/custom-state.js +114 -0
- package/lib/aws/compute/states/distributed-map/item-batcher.d.ts +64 -0
- package/lib/aws/compute/states/distributed-map/item-batcher.js +58 -0
- package/lib/aws/compute/states/distributed-map/item-reader.d.ts +256 -0
- package/lib/aws/compute/states/distributed-map/item-reader.js +253 -0
- package/lib/aws/compute/states/distributed-map/result-writer.d.ts +41 -0
- package/lib/aws/compute/states/distributed-map/result-writer.js +66 -0
- package/lib/aws/compute/states/distributed-map.d.ts +153 -0
- package/lib/aws/compute/states/distributed-map.js +207 -0
- package/lib/aws/compute/states/fail.d.ts +74 -0
- package/lib/aws/compute/states/fail.js +83 -0
- package/lib/aws/compute/states/map-base.d.ts +145 -0
- package/lib/aws/compute/states/map-base.js +109 -0
- package/lib/aws/compute/states/map.d.ts +76 -0
- package/lib/aws/compute/states/map.js +110 -0
- package/lib/aws/compute/states/parallel.d.ts +113 -0
- package/lib/aws/compute/states/parallel.js +100 -0
- package/lib/aws/compute/states/pass.d.ts +122 -0
- package/lib/aws/compute/states/pass.js +99 -0
- package/lib/aws/compute/states/private/state-type.d.ts +13 -0
- package/lib/aws/compute/states/private/state-type.js +19 -0
- package/lib/aws/compute/states/state.d.ts +276 -0
- package/lib/aws/compute/states/state.js +482 -0
- package/lib/aws/compute/states/succeed.d.ts +51 -0
- package/lib/aws/compute/states/succeed.js +32 -0
- package/lib/aws/compute/states/task-base.d.ts +225 -0
- package/lib/aws/compute/states/task-base.js +160 -0
- package/lib/aws/compute/states/task.d.ts +127 -0
- package/lib/aws/compute/states/task.js +92 -0
- package/lib/aws/compute/states/wait.d.ts +78 -0
- package/lib/aws/compute/states/wait.js +90 -0
- package/lib/aws/compute/step-functions-task.d.ts +78 -0
- package/lib/aws/compute/step-functions-task.js +27 -0
- package/lib/aws/compute/task-credentials.d.ts +45 -0
- package/lib/aws/compute/task-credentials.js +52 -0
- package/lib/aws/compute/task-input.d.ts +86 -0
- package/lib/aws/compute/task-input.js +107 -0
- package/lib/aws/compute/tasks/aws-sdk/call-aws-service.d.ts +73 -0
- package/lib/aws/compute/tasks/aws-sdk/call-aws-service.js +69 -0
- package/lib/aws/compute/tasks/eventbridge/put-events.d.ts +74 -0
- package/lib/aws/compute/tasks/eventbridge/put-events.js +94 -0
- package/lib/aws/compute/tasks/http/invoke.d.ts +104 -0
- package/lib/aws/compute/tasks/http/invoke.js +117 -0
- package/lib/aws/compute/tasks/index.d.ts +7 -0
- package/lib/aws/compute/tasks/index.js +42 -0
- package/lib/aws/compute/tasks/lambda/invoke.d.ts +106 -0
- package/lib/aws/compute/tasks/lambda/invoke.js +125 -0
- package/lib/aws/compute/tasks/private/task-utils.d.ts +8 -0
- package/lib/aws/compute/tasks/private/task-utils.js +36 -0
- package/lib/aws/compute/tasks/resource-arn-suffix.d.ts +3 -0
- package/lib/aws/compute/tasks/resource-arn-suffix.js +25 -0
- package/lib/aws/compute/tasks/sqs/send-message.d.ts +62 -0
- package/lib/aws/compute/tasks/sqs/send-message.js +70 -0
- package/lib/aws/compute/tasks/stepfunctions/invoke-activity.d.ts +36 -0
- package/lib/aws/compute/tasks/stepfunctions/invoke-activity.js +45 -0
- package/lib/aws/compute/tasks/stepfunctions/start-execution.d.ts +63 -0
- package/lib/aws/compute/tasks/stepfunctions/start-execution.js +123 -0
- package/lib/aws/compute/types.d.ts +214 -0
- package/lib/aws/compute/types.js +103 -0
- package/lib/aws/compute/util.d.ts +12 -0
- package/lib/aws/compute/util.js +29 -0
- package/lib/aws/edge/certificate.d.ts +144 -0
- package/lib/aws/edge/certificate.js +191 -0
- package/lib/aws/edge/distribution.d.ts +505 -0
- package/lib/aws/edge/distribution.js +444 -0
- package/lib/aws/edge/dns-alias-record-targets.d.ts +29 -0
- package/lib/aws/edge/dns-alias-record-targets.js +46 -0
- package/lib/aws/edge/dns-record.d.ts +536 -0
- package/lib/aws/edge/dns-record.js +532 -0
- package/lib/aws/edge/dns-zone.d.ts +169 -0
- package/lib/aws/edge/dns-zone.js +149 -0
- package/lib/aws/edge/function.d.ts +185 -0
- package/lib/aws/edge/function.js +141 -0
- package/lib/aws/edge/index.d.ts +8 -0
- package/lib/aws/edge/index.js +25 -0
- package/lib/aws/edge/key-value-store.d.ts +162 -0
- package/lib/aws/edge/key-value-store.js +163 -0
- package/lib/aws/edge/origin.d.ts +160 -0
- package/lib/aws/edge/origin.js +245 -0
- package/lib/aws/encryption/alias.d.ts +137 -0
- package/lib/aws/encryption/alias.js +216 -0
- package/lib/aws/encryption/index.d.ts +4 -0
- package/lib/aws/encryption/index.js +21 -0
- package/lib/aws/encryption/key-lookup.d.ts +11 -0
- package/lib/aws/encryption/key-lookup.js +4 -0
- package/lib/aws/encryption/key.d.ts +461 -0
- package/lib/aws/encryption/key.js +586 -0
- package/lib/aws/encryption/private/perms.d.ts +5 -0
- package/lib/aws/encryption/private/perms.js +30 -0
- package/lib/aws/encryption/via-service-principal.d.ts +11 -0
- package/lib/aws/encryption/via-service-principal.js +39 -0
- package/lib/aws/iam/grant.d.ts +221 -0
- package/lib/aws/iam/grant.js +239 -0
- package/lib/aws/iam/identity-base.d.ts +20 -0
- package/lib/aws/iam/identity-base.js +3 -0
- package/lib/aws/iam/index.d.ts +16 -0
- package/lib/aws/iam/index.js +34 -0
- package/lib/aws/iam/managed-policy.d.ts +227 -0
- package/lib/aws/iam/managed-policy.js +237 -0
- package/lib/aws/iam/oidc-provider.d.ts +120 -0
- package/lib/aws/iam/oidc-provider.js +82 -0
- package/lib/aws/iam/policy-document-config.generated.d.ts +78 -0
- package/lib/aws/iam/policy-document-config.generated.js +3 -0
- package/lib/aws/iam/policy-document.d.ts +150 -0
- package/lib/aws/iam/policy-document.js +172 -0
- package/lib/aws/iam/policy-statement-props.generated.d.ts +55 -0
- package/lib/aws/iam/policy-statement-props.generated.js +3 -0
- package/lib/aws/iam/policy-statement.d.ts +451 -0
- package/lib/aws/iam/policy-statement.js +947 -0
- package/lib/aws/iam/policy.d.ts +122 -0
- package/lib/aws/iam/policy.js +192 -0
- package/lib/aws/iam/principals.d.ts +668 -0
- package/lib/aws/iam/principals.js +1032 -0
- package/lib/aws/iam/private/adapter.d.ts +21 -0
- package/lib/aws/iam/private/adapter.js +51 -0
- package/lib/aws/iam/private/assume-role-policy.d.ts +8 -0
- package/lib/aws/iam/private/assume-role-policy.js +27 -0
- package/lib/aws/iam/private/comparable-principal.d.ts +6 -0
- package/lib/aws/iam/private/comparable-principal.js +20 -0
- package/lib/aws/iam/private/immutable-role.d.ts +43 -0
- package/lib/aws/iam/private/immutable-role.js +76 -0
- package/lib/aws/iam/private/imported-role.d.ts +49 -0
- package/lib/aws/iam/private/imported-role.js +103 -0
- package/lib/aws/iam/private/merge-statements.d.ts +44 -0
- package/lib/aws/iam/private/merge-statements.js +214 -0
- package/lib/aws/iam/private/postprocess-policy-document.d.ts +15 -0
- package/lib/aws/iam/private/postprocess-policy-document.js +102 -0
- package/lib/aws/iam/private/util.d.ts +37 -0
- package/lib/aws/iam/private/util.js +87 -0
- package/lib/aws/iam/role.d.ts +425 -0
- package/lib/aws/iam/role.js +407 -0
- package/lib/aws/iam/saml-provider.d.ts +79 -0
- package/lib/aws/iam/saml-provider.js +79 -0
- package/lib/aws/iam/unknown-principal.d.ts +32 -0
- package/lib/aws/iam/unknown-principal.js +45 -0
- package/lib/aws/iam/utils.d.ts +12 -0
- package/lib/aws/iam/utils.js +41 -0
- package/lib/aws/index.d.ts +13 -0
- package/lib/aws/index.js +34 -0
- package/lib/aws/log-retention.d.ts +97 -0
- package/lib/aws/log-retention.js +103 -0
- package/lib/aws/network/index.d.ts +4 -0
- package/lib/aws/network/index.js +21 -0
- package/lib/aws/network/network.d.ts +77 -0
- package/lib/aws/network/network.js +3 -0
- package/lib/aws/network/simple-ipv4-vpc.d.ts +84 -0
- package/lib/aws/network/simple-ipv4-vpc.js +236 -0
- package/lib/aws/network/subnet-group.d.ts +42 -0
- package/lib/aws/network/subnet-group.js +72 -0
- package/lib/aws/network/subnet.d.ts +95 -0
- package/lib/aws/network/subnet.js +123 -0
- package/lib/aws/notify/archive.d.ts +77 -0
- package/lib/aws/notify/archive.js +62 -0
- package/lib/aws/notify/connection.d.ts +276 -0
- package/lib/aws/notify/connection.js +261 -0
- package/lib/aws/notify/event-bus.d.ts +298 -0
- package/lib/aws/notify/event-bus.js +326 -0
- package/lib/aws/notify/event-pattern.d.ts +220 -0
- package/lib/aws/notify/event-pattern.js +197 -0
- package/lib/aws/notify/index.d.ts +15 -0
- package/lib/aws/notify/index.js +35 -0
- package/lib/aws/notify/input.d.ts +126 -0
- package/lib/aws/notify/input.js +282 -0
- package/lib/aws/notify/kinesis-canned-metrics.generated.d.ts +68 -0
- package/lib/aws/notify/kinesis-canned-metrics.generated.js +103 -0
- package/lib/aws/notify/kinesis-fixed-canned-metrics.d.ts +195 -0
- package/lib/aws/notify/kinesis-fixed-canned-metrics.js +155 -0
- package/lib/aws/notify/kinesis-stream.d.ts +705 -0
- package/lib/aws/notify/kinesis-stream.js +541 -0
- package/lib/aws/notify/on-event-options.d.ts +54 -0
- package/lib/aws/notify/on-event-options.js +3 -0
- package/lib/aws/notify/queue-config.generated.d.ts +85 -0
- package/lib/aws/notify/queue-config.generated.js +3 -0
- package/lib/aws/notify/queue-policy.d.ts +35 -0
- package/lib/aws/notify/queue-policy.js +39 -0
- package/lib/aws/notify/queue.d.ts +355 -0
- package/lib/aws/notify/queue.js +305 -0
- package/lib/aws/notify/resource-policy.d.ts +41 -0
- package/lib/aws/notify/resource-policy.js +43 -0
- package/lib/aws/notify/rule.d.ts +153 -0
- package/lib/aws/notify/rule.js +227 -0
- package/lib/aws/notify/schedule.d.ts +83 -0
- package/lib/aws/notify/schedule.js +116 -0
- package/lib/aws/notify/target.d.ts +102 -0
- package/lib/aws/notify/target.js +3 -0
- package/lib/aws/notify/targets/event-bus.d.ts +39 -0
- package/lib/aws/notify/targets/event-bus.js +40 -0
- package/lib/aws/notify/targets/function.d.ts +31 -0
- package/lib/aws/notify/targets/function.js +36 -0
- package/lib/aws/notify/targets/index.d.ts +6 -0
- package/lib/aws/notify/targets/index.js +37 -0
- package/lib/aws/notify/targets/log-group.d.ts +89 -0
- package/lib/aws/notify/targets/log-group.js +110 -0
- package/lib/aws/notify/targets/sqs.d.ts +45 -0
- package/lib/aws/notify/targets/sqs.js +73 -0
- package/lib/aws/notify/targets/state-machine.d.ts +36 -0
- package/lib/aws/notify/targets/state-machine.js +39 -0
- package/lib/aws/notify/targets/util.d.ts +71 -0
- package/lib/aws/notify/targets/util.js +130 -0
- package/lib/aws/notify/util.d.ts +13 -0
- package/lib/aws/notify/util.js +69 -0
- package/lib/aws/provider-config.generated.d.ts +220 -0
- package/lib/aws/provider-config.generated.js +3 -0
- package/lib/aws/storage/bucket-destination.d.ts +41 -0
- package/lib/aws/storage/bucket-destination.js +13 -0
- package/lib/aws/storage/bucket-notifications.d.ts +58 -0
- package/lib/aws/storage/bucket-notifications.js +169 -0
- package/lib/aws/storage/bucket-perms.d.ts +9 -0
- package/lib/aws/storage/bucket-perms.js +33 -0
- package/lib/aws/storage/bucket-policy.d.ts +51 -0
- package/lib/aws/storage/bucket-policy.js +53 -0
- package/lib/aws/storage/bucket-source.d.ts +41 -0
- package/lib/aws/storage/bucket-source.js +79 -0
- package/lib/aws/storage/bucket.d.ts +941 -0
- package/lib/aws/storage/bucket.js +869 -0
- package/lib/aws/storage/cors-config.generated.d.ts +57 -0
- package/lib/aws/storage/cors-config.generated.js +3 -0
- package/lib/aws/storage/cors-rule-config.generated.d.ts +38 -0
- package/lib/aws/storage/cors-rule-config.generated.js +3 -0
- package/lib/aws/storage/index.d.ts +12 -0
- package/lib/aws/storage/index.js +31 -0
- package/lib/aws/storage/lifecycle-config.generated.d.ts +55 -0
- package/lib/aws/storage/lifecycle-config.generated.js +3 -0
- package/lib/aws/storage/notification-targets/function.d.ts +11 -0
- package/lib/aws/storage/notification-targets/function.js +48 -0
- package/lib/aws/storage/notification-targets/index.d.ts +2 -0
- package/lib/aws/storage/notification-targets/index.js +21 -0
- package/lib/aws/storage/notification-targets/queue.d.ts +15 -0
- package/lib/aws/storage/notification-targets/queue.js +58 -0
- package/lib/aws/storage/origin-access-identity.d.ts +91 -0
- package/lib/aws/storage/origin-access-identity.js +76 -0
- package/lib/aws/storage/util.d.ts +40 -0
- package/lib/aws/storage/util.js +85 -0
- package/lib/aws/storage/website-config.generated.d.ts +73 -0
- package/lib/aws/storage/website-config.generated.js +3 -0
- package/lib/aws/util.d.ts +4 -0
- package/lib/aws/util.js +25 -0
- package/lib/construct-base.d.ts +69 -0
- package/lib/construct-base.js +89 -0
- package/lib/duration.d.ts +160 -0
- package/lib/duration.js +327 -0
- package/lib/index.d.ts +5 -0
- package/lib/index.js +24 -0
- package/lib/private/index.d.ts +2 -0
- package/lib/private/index.js +19 -0
- package/lib/private/terraform-dependables-aspect.d.ts +20 -0
- package/lib/private/terraform-dependables-aspect.js +95 -0
- package/lib/private/unique-resource-name.d.ts +9 -0
- package/lib/private/unique-resource-name.js +145 -0
- package/lib/size.d.ts +146 -0
- package/lib/size.js +220 -0
- package/lib/stack-base.d.ts +188 -0
- package/lib/stack-base.js +183 -0
- package/lib/token.d.ts +32 -0
- package/lib/token.js +54 -0
- package/node_modules/camel-case/LICENSE +21 -0
- package/node_modules/camel-case/README.md +47 -0
- package/node_modules/camel-case/dist/index.d.ts +5 -0
- package/node_modules/camel-case/dist/index.js +23 -0
- package/node_modules/camel-case/dist/index.js.map +1 -0
- package/node_modules/camel-case/dist/index.spec.d.ts +1 -0
- package/node_modules/camel-case/dist/index.spec.js +26 -0
- package/node_modules/camel-case/dist/index.spec.js.map +1 -0
- package/node_modules/camel-case/dist.es2015/index.d.ts +5 -0
- package/node_modules/camel-case/dist.es2015/index.js +17 -0
- package/node_modules/camel-case/dist.es2015/index.js.map +1 -0
- package/node_modules/camel-case/dist.es2015/index.spec.d.ts +1 -0
- package/node_modules/camel-case/dist.es2015/index.spec.js +24 -0
- package/node_modules/camel-case/dist.es2015/index.spec.js.map +1 -0
- package/node_modules/camel-case/package.json +89 -0
- package/node_modules/capital-case/LICENSE +21 -0
- package/node_modules/capital-case/README.md +37 -0
- package/node_modules/capital-case/dist/index.d.ts +4 -0
- package/node_modules/capital-case/dist/index.js +16 -0
- package/node_modules/capital-case/dist/index.js.map +1 -0
- package/node_modules/capital-case/dist/index.spec.d.ts +1 -0
- package/node_modules/capital-case/dist/index.spec.js +24 -0
- package/node_modules/capital-case/dist/index.spec.js.map +1 -0
- package/node_modules/capital-case/dist.es2015/index.d.ts +4 -0
- package/node_modules/capital-case/dist.es2015/index.js +11 -0
- package/node_modules/capital-case/dist.es2015/index.js.map +1 -0
- package/node_modules/capital-case/dist.es2015/index.spec.d.ts +1 -0
- package/node_modules/capital-case/dist.es2015/index.spec.js +22 -0
- package/node_modules/capital-case/dist.es2015/index.spec.js.map +1 -0
- package/node_modules/capital-case/package.json +90 -0
- package/node_modules/change-case/LICENSE +21 -0
- package/node_modules/change-case/README.md +44 -0
- package/node_modules/change-case/dist/index.d.ts +11 -0
- package/node_modules/change-case/dist/index.js +15 -0
- package/node_modules/change-case/dist/index.js.map +1 -0
- package/node_modules/change-case/dist/index.spec.d.ts +1 -0
- package/node_modules/change-case/dist/index.spec.js +9 -0
- package/node_modules/change-case/dist/index.spec.js.map +1 -0
- package/node_modules/change-case/dist.es2015/index.d.ts +11 -0
- package/node_modules/change-case/dist.es2015/index.js +12 -0
- package/node_modules/change-case/dist.es2015/index.js.map +1 -0
- package/node_modules/change-case/dist.es2015/index.spec.d.ts +1 -0
- package/node_modules/change-case/dist.es2015/index.spec.js +7 -0
- package/node_modules/change-case/dist.es2015/index.spec.js.map +1 -0
- package/node_modules/change-case/package.json +101 -0
- package/node_modules/constant-case/LICENSE +21 -0
- package/node_modules/constant-case/README.md +37 -0
- package/node_modules/constant-case/dist/index.d.ts +3 -0
- package/node_modules/constant-case/dist/index.js +12 -0
- package/node_modules/constant-case/dist/index.js.map +1 -0
- package/node_modules/constant-case/dist/index.spec.d.ts +1 -0
- package/node_modules/constant-case/dist/index.spec.js +26 -0
- package/node_modules/constant-case/dist/index.spec.js.map +1 -0
- package/node_modules/constant-case/dist.es2015/index.d.ts +3 -0
- package/node_modules/constant-case/dist.es2015/index.js +8 -0
- package/node_modules/constant-case/dist.es2015/index.js.map +1 -0
- package/node_modules/constant-case/dist.es2015/index.spec.d.ts +1 -0
- package/node_modules/constant-case/dist.es2015/index.spec.js +24 -0
- package/node_modules/constant-case/dist.es2015/index.spec.js.map +1 -0
- package/node_modules/constant-case/package.json +90 -0
- package/node_modules/dot-case/LICENSE +21 -0
- package/node_modules/dot-case/README.md +37 -0
- package/node_modules/dot-case/dist/index.d.ts +3 -0
- package/node_modules/dot-case/dist/index.js +11 -0
- package/node_modules/dot-case/dist/index.js.map +1 -0
- package/node_modules/dot-case/dist/index.spec.d.ts +1 -0
- package/node_modules/dot-case/dist/index.spec.js +26 -0
- package/node_modules/dot-case/dist/index.spec.js.map +1 -0
- package/node_modules/dot-case/dist.es2015/index.d.ts +3 -0
- package/node_modules/dot-case/dist.es2015/index.js +7 -0
- package/node_modules/dot-case/dist.es2015/index.js.map +1 -0
- package/node_modules/dot-case/dist.es2015/index.spec.d.ts +1 -0
- package/node_modules/dot-case/dist.es2015/index.spec.js +24 -0
- package/node_modules/dot-case/dist.es2015/index.spec.js.map +1 -0
- package/node_modules/dot-case/package.json +89 -0
- package/node_modules/esbuild-wasm/LICENSE.md +21 -0
- package/node_modules/esbuild-wasm/README.md +3 -0
- package/node_modules/esbuild-wasm/bin/esbuild +91 -0
- package/node_modules/esbuild-wasm/esbuild.wasm +0 -0
- package/node_modules/esbuild-wasm/esm/browser.d.ts +705 -0
- package/node_modules/esbuild-wasm/esm/browser.js +2370 -0
- package/node_modules/esbuild-wasm/esm/browser.min.js +20 -0
- package/node_modules/esbuild-wasm/lib/browser.d.ts +705 -0
- package/node_modules/esbuild-wasm/lib/browser.js +2415 -0
- package/node_modules/esbuild-wasm/lib/browser.min.js +22 -0
- package/node_modules/esbuild-wasm/lib/main.d.ts +705 -0
- package/node_modules/esbuild-wasm/lib/main.js +2051 -0
- package/node_modules/esbuild-wasm/package.json +19 -0
- package/node_modules/esbuild-wasm/wasm_exec.js +561 -0
- package/node_modules/esbuild-wasm/wasm_exec_node.js +39 -0
- package/node_modules/header-case/LICENSE +21 -0
- package/node_modules/header-case/README.md +37 -0
- package/node_modules/header-case/dist/index.d.ts +3 -0
- package/node_modules/header-case/dist/index.js +11 -0
- package/node_modules/header-case/dist/index.js.map +1 -0
- package/node_modules/header-case/dist/index.spec.d.ts +1 -0
- package/node_modules/header-case/dist/index.spec.js +24 -0
- package/node_modules/header-case/dist/index.spec.js.map +1 -0
- package/node_modules/header-case/dist.es2015/index.d.ts +3 -0
- package/node_modules/header-case/dist.es2015/index.js +7 -0
- package/node_modules/header-case/dist.es2015/index.js.map +1 -0
- package/node_modules/header-case/dist.es2015/index.spec.d.ts +1 -0
- package/node_modules/header-case/dist.es2015/index.spec.js +22 -0
- package/node_modules/header-case/dist.es2015/index.spec.js.map +1 -0
- package/node_modules/header-case/package.json +89 -0
- package/node_modules/lower-case/LICENSE +21 -0
- package/node_modules/lower-case/README.md +35 -0
- package/node_modules/lower-case/dist/index.d.ts +8 -0
- package/node_modules/lower-case/dist/index.js +53 -0
- package/node_modules/lower-case/dist/index.js.map +1 -0
- package/node_modules/lower-case/dist/index.spec.d.ts +1 -0
- package/node_modules/lower-case/dist/index.spec.js +36 -0
- package/node_modules/lower-case/dist/index.spec.js.map +1 -0
- package/node_modules/lower-case/dist.es2015/index.d.ts +8 -0
- package/node_modules/lower-case/dist.es2015/index.js +48 -0
- package/node_modules/lower-case/dist.es2015/index.js.map +1 -0
- package/node_modules/lower-case/dist.es2015/index.spec.d.ts +1 -0
- package/node_modules/lower-case/dist.es2015/index.spec.js +34 -0
- package/node_modules/lower-case/dist.es2015/index.spec.js.map +1 -0
- package/node_modules/lower-case/package.json +87 -0
- package/node_modules/mime-db/HISTORY.md +507 -0
- package/node_modules/mime-db/LICENSE +23 -0
- package/node_modules/mime-db/README.md +100 -0
- package/node_modules/mime-db/db.json +8519 -0
- package/node_modules/mime-db/index.js +12 -0
- package/node_modules/mime-db/package.json +60 -0
- package/node_modules/mime-types/HISTORY.md +397 -0
- package/node_modules/mime-types/LICENSE +23 -0
- package/node_modules/mime-types/README.md +113 -0
- package/node_modules/mime-types/index.js +188 -0
- package/node_modules/mime-types/package.json +44 -0
- package/node_modules/no-case/LICENSE +21 -0
- package/node_modules/no-case/README.md +37 -0
- package/node_modules/no-case/dist/index.d.ts +10 -0
- package/node_modules/no-case/dist/index.js +35 -0
- package/node_modules/no-case/dist/index.js.map +1 -0
- package/node_modules/no-case/dist/index.spec.d.ts +1 -0
- package/node_modules/no-case/dist/index.spec.js +59 -0
- package/node_modules/no-case/dist/index.spec.js.map +1 -0
- package/node_modules/no-case/dist.es2015/index.d.ts +10 -0
- package/node_modules/no-case/dist.es2015/index.js +31 -0
- package/node_modules/no-case/dist.es2015/index.js.map +1 -0
- package/node_modules/no-case/dist.es2015/index.spec.d.ts +1 -0
- package/node_modules/no-case/dist.es2015/index.spec.js +57 -0
- package/node_modules/no-case/dist.es2015/index.spec.js.map +1 -0
- package/node_modules/no-case/package.json +85 -0
- package/node_modules/param-case/LICENSE +21 -0
- package/node_modules/param-case/README.md +37 -0
- package/node_modules/param-case/dist/index.d.ts +3 -0
- package/node_modules/param-case/dist/index.js +11 -0
- package/node_modules/param-case/dist/index.js.map +1 -0
- package/node_modules/param-case/dist/index.spec.d.ts +1 -0
- package/node_modules/param-case/dist/index.spec.js +24 -0
- package/node_modules/param-case/dist/index.spec.js.map +1 -0
- package/node_modules/param-case/dist.es2015/index.d.ts +3 -0
- package/node_modules/param-case/dist.es2015/index.js +7 -0
- package/node_modules/param-case/dist.es2015/index.js.map +1 -0
- package/node_modules/param-case/dist.es2015/index.spec.d.ts +1 -0
- package/node_modules/param-case/dist.es2015/index.spec.js +22 -0
- package/node_modules/param-case/dist.es2015/index.spec.js.map +1 -0
- package/node_modules/param-case/package.json +91 -0
- package/node_modules/pascal-case/LICENSE +21 -0
- package/node_modules/pascal-case/README.md +47 -0
- package/node_modules/pascal-case/dist/index.d.ts +5 -0
- package/node_modules/pascal-case/dist/index.js +24 -0
- package/node_modules/pascal-case/dist/index.js.map +1 -0
- package/node_modules/pascal-case/dist/index.spec.d.ts +1 -0
- package/node_modules/pascal-case/dist/index.spec.js +25 -0
- package/node_modules/pascal-case/dist/index.spec.js.map +1 -0
- package/node_modules/pascal-case/dist.es2015/index.d.ts +5 -0
- package/node_modules/pascal-case/dist.es2015/index.js +18 -0
- package/node_modules/pascal-case/dist.es2015/index.js.map +1 -0
- package/node_modules/pascal-case/dist.es2015/index.spec.d.ts +1 -0
- package/node_modules/pascal-case/dist.es2015/index.spec.js +23 -0
- package/node_modules/pascal-case/dist.es2015/index.spec.js.map +1 -0
- package/node_modules/pascal-case/package.json +90 -0
- package/node_modules/path-case/LICENSE +21 -0
- package/node_modules/path-case/README.md +37 -0
- package/node_modules/path-case/dist/index.d.ts +3 -0
- package/node_modules/path-case/dist/index.js +11 -0
- package/node_modules/path-case/dist/index.js.map +1 -0
- package/node_modules/path-case/dist/index.spec.d.ts +1 -0
- package/node_modules/path-case/dist/index.spec.js +24 -0
- package/node_modules/path-case/dist/index.spec.js.map +1 -0
- package/node_modules/path-case/dist.es2015/index.d.ts +3 -0
- package/node_modules/path-case/dist.es2015/index.js +7 -0
- package/node_modules/path-case/dist.es2015/index.js.map +1 -0
- package/node_modules/path-case/dist.es2015/index.spec.d.ts +1 -0
- package/node_modules/path-case/dist.es2015/index.spec.js +22 -0
- package/node_modules/path-case/dist.es2015/index.spec.js.map +1 -0
- package/node_modules/path-case/package.json +88 -0
- package/node_modules/sentence-case/LICENSE +21 -0
- package/node_modules/sentence-case/README.md +37 -0
- package/node_modules/sentence-case/dist/index.d.ts +4 -0
- package/node_modules/sentence-case/dist/index.js +19 -0
- package/node_modules/sentence-case/dist/index.js.map +1 -0
- package/node_modules/sentence-case/dist/index.spec.d.ts +1 -0
- package/node_modules/sentence-case/dist/index.spec.js +24 -0
- package/node_modules/sentence-case/dist/index.spec.js.map +1 -0
- package/node_modules/sentence-case/dist.es2015/index.d.ts +4 -0
- package/node_modules/sentence-case/dist.es2015/index.js +14 -0
- package/node_modules/sentence-case/dist.es2015/index.js.map +1 -0
- package/node_modules/sentence-case/dist.es2015/index.spec.d.ts +1 -0
- package/node_modules/sentence-case/dist.es2015/index.spec.js +22 -0
- package/node_modules/sentence-case/dist.es2015/index.spec.js.map +1 -0
- package/node_modules/sentence-case/package.json +89 -0
- package/node_modules/snake-case/LICENSE +21 -0
- package/node_modules/snake-case/README.md +37 -0
- package/node_modules/snake-case/dist/index.d.ts +3 -0
- package/node_modules/snake-case/dist/index.js +11 -0
- package/node_modules/snake-case/dist/index.js.map +1 -0
- package/node_modules/snake-case/dist/index.spec.d.ts +1 -0
- package/node_modules/snake-case/dist/index.spec.js +25 -0
- package/node_modules/snake-case/dist/index.spec.js.map +1 -0
- package/node_modules/snake-case/dist.es2015/index.d.ts +3 -0
- package/node_modules/snake-case/dist.es2015/index.js +7 -0
- package/node_modules/snake-case/dist.es2015/index.js.map +1 -0
- package/node_modules/snake-case/dist.es2015/index.spec.d.ts +1 -0
- package/node_modules/snake-case/dist.es2015/index.spec.js +23 -0
- package/node_modules/snake-case/dist.es2015/index.spec.js.map +1 -0
- package/node_modules/snake-case/package.json +90 -0
- package/node_modules/tslib/CopyrightNotice.txt +15 -0
- package/node_modules/tslib/LICENSE.txt +12 -0
- package/node_modules/tslib/README.md +164 -0
- package/node_modules/tslib/SECURITY.md +41 -0
- package/node_modules/tslib/modules/index.d.ts +37 -0
- package/node_modules/tslib/modules/index.js +68 -0
- package/node_modules/tslib/modules/package.json +3 -0
- package/node_modules/tslib/package.json +47 -0
- package/node_modules/tslib/tslib.d.ts +453 -0
- package/node_modules/tslib/tslib.es6.html +1 -0
- package/node_modules/tslib/tslib.es6.js +374 -0
- package/node_modules/tslib/tslib.es6.mjs +373 -0
- package/node_modules/tslib/tslib.html +1 -0
- package/node_modules/tslib/tslib.js +424 -0
- package/node_modules/upper-case/README.md +34 -0
- package/node_modules/upper-case/dist/index.d.ts +8 -0
- package/node_modules/upper-case/dist/index.js +49 -0
- package/node_modules/upper-case/dist/index.js.map +1 -0
- package/node_modules/upper-case/dist/index.spec.d.ts +1 -0
- package/node_modules/upper-case/dist/index.spec.js +34 -0
- package/node_modules/upper-case/dist/index.spec.js.map +1 -0
- package/node_modules/upper-case/dist.es2015/index.d.ts +8 -0
- package/node_modules/upper-case/dist.es2015/index.js +44 -0
- package/node_modules/upper-case/dist.es2015/index.js.map +1 -0
- package/node_modules/upper-case/dist.es2015/index.spec.d.ts +1 -0
- package/node_modules/upper-case/dist.es2015/index.spec.js +32 -0
- package/node_modules/upper-case/dist.es2015/index.spec.js.map +1 -0
- package/node_modules/upper-case/package.json +86 -0
- package/node_modules/upper-case-first/LICENSE +21 -0
- package/node_modules/upper-case-first/README.md +32 -0
- package/node_modules/upper-case-first/dist/index.d.ts +4 -0
- package/node_modules/upper-case-first/dist/index.js +11 -0
- package/node_modules/upper-case-first/dist/index.js.map +1 -0
- package/node_modules/upper-case-first/dist/index.spec.d.ts +1 -0
- package/node_modules/upper-case-first/dist/index.spec.js +20 -0
- package/node_modules/upper-case-first/dist/index.spec.js.map +1 -0
- package/node_modules/upper-case-first/dist.es2015/index.d.ts +4 -0
- package/node_modules/upper-case-first/dist.es2015/index.js +7 -0
- package/node_modules/upper-case-first/dist.es2015/index.js.map +1 -0
- package/node_modules/upper-case-first/dist.es2015/index.spec.d.ts +1 -0
- package/node_modules/upper-case-first/dist.es2015/index.spec.js +18 -0
- package/node_modules/upper-case-first/dist.es2015/index.spec.js.map +1 -0
- package/node_modules/upper-case-first/package.json +87 -0
- package/package.json +152 -0
- package/setup.js +2 -0
|
@@ -0,0 +1,425 @@
|
|
|
1
|
+
import { iamRole } from "@cdktf/provider-aws";
|
|
2
|
+
import { Construct } from "constructs";
|
|
3
|
+
import { AwsConstructBase, AwsConstructProps } from "../aws-construct";
|
|
4
|
+
import { Grant } from "./grant";
|
|
5
|
+
import { IIdentity } from "./identity-base";
|
|
6
|
+
import { IManagedPolicy } from "./managed-policy";
|
|
7
|
+
import { Policy } from "./policy";
|
|
8
|
+
import { PolicyDocument } from "./policy-document";
|
|
9
|
+
import { PolicyStatement } from "./policy-statement";
|
|
10
|
+
import { AddToPrincipalPolicyResult, IPrincipal, PrincipalPolicyFragment } from "./principals";
|
|
11
|
+
import { Duration } from "../..";
|
|
12
|
+
/**
|
|
13
|
+
* Properties for defining an IAM Role
|
|
14
|
+
*/
|
|
15
|
+
export interface RoleProps extends AwsConstructProps {
|
|
16
|
+
/**
|
|
17
|
+
* The IAM principal (i.e. `new ServicePrincipal('sns.amazonaws.com')`)
|
|
18
|
+
* which can assume this role.
|
|
19
|
+
*
|
|
20
|
+
* You can later modify the assume role policy document by accessing it via
|
|
21
|
+
* the `assumeRolePolicy` property.
|
|
22
|
+
*/
|
|
23
|
+
readonly assumedBy: IPrincipal;
|
|
24
|
+
/**
|
|
25
|
+
* ID that the role assumer needs to provide when assuming this role
|
|
26
|
+
*
|
|
27
|
+
* If the configured and provided external IDs do not match, the
|
|
28
|
+
* AssumeRole operation will fail.
|
|
29
|
+
*
|
|
30
|
+
* @deprecated see `externalIds`
|
|
31
|
+
*
|
|
32
|
+
* @default No external ID required
|
|
33
|
+
*/
|
|
34
|
+
readonly externalId?: string;
|
|
35
|
+
/**
|
|
36
|
+
* List of IDs that the role assumer needs to provide one of when assuming this role
|
|
37
|
+
*
|
|
38
|
+
* If the configured and provided external IDs do not match, the
|
|
39
|
+
* AssumeRole operation will fail.
|
|
40
|
+
*
|
|
41
|
+
* @default No external ID required
|
|
42
|
+
*/
|
|
43
|
+
readonly externalIds?: string[];
|
|
44
|
+
/**
|
|
45
|
+
* A list of managed policies associated with this role.
|
|
46
|
+
*
|
|
47
|
+
* You can add managed policies later using
|
|
48
|
+
* `addManagedPolicy(ManagedPolicy.fromAwsManagedPolicyName(policyName))`.
|
|
49
|
+
*
|
|
50
|
+
* @default - No managed policies.
|
|
51
|
+
*/
|
|
52
|
+
readonly managedPolicies?: IManagedPolicy[];
|
|
53
|
+
/**
|
|
54
|
+
* A list of named policies to inline into this role. These policies will be
|
|
55
|
+
* created with the role, whereas those added by ``addToPolicy`` are added
|
|
56
|
+
* using a separate CloudFormation resource (allowing a way around circular
|
|
57
|
+
* dependencies that could otherwise be introduced).
|
|
58
|
+
*
|
|
59
|
+
* @default - No policy is inlined in the Role resource.
|
|
60
|
+
*/
|
|
61
|
+
readonly inlinePolicies?: {
|
|
62
|
+
[name: string]: PolicyDocument;
|
|
63
|
+
};
|
|
64
|
+
/**
|
|
65
|
+
* The path associated with this role. For information about IAM paths, see
|
|
66
|
+
* Friendly Names and Paths in IAM User Guide.
|
|
67
|
+
*
|
|
68
|
+
* @default /
|
|
69
|
+
*/
|
|
70
|
+
readonly path?: string;
|
|
71
|
+
/**
|
|
72
|
+
* AWS supports permissions boundaries for IAM entities (users or roles).
|
|
73
|
+
* A permissions boundary is an advanced feature for using a managed policy
|
|
74
|
+
* to set the maximum permissions that an identity-based policy can grant to
|
|
75
|
+
* an IAM entity. An entity's permissions boundary allows it to perform only
|
|
76
|
+
* the actions that are allowed by both its identity-based policies and its
|
|
77
|
+
* permissions boundaries.
|
|
78
|
+
*
|
|
79
|
+
* @link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#cfn-iam-role-permissionsboundary
|
|
80
|
+
* @link https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html
|
|
81
|
+
*
|
|
82
|
+
* @default - No permissions boundary.
|
|
83
|
+
*/
|
|
84
|
+
readonly permissionsBoundary?: IManagedPolicy;
|
|
85
|
+
/**
|
|
86
|
+
* A name for the IAM role. For valid values, see the RoleName parameter for
|
|
87
|
+
* the CreateRole action in the IAM API Reference.
|
|
88
|
+
*
|
|
89
|
+
* IMPORTANT: If you specify a name, you cannot perform updates that require
|
|
90
|
+
* replacement of this resource. You can perform updates that require no or
|
|
91
|
+
* some interruption. If you must replace the resource, specify a new name.
|
|
92
|
+
*
|
|
93
|
+
* Use [Terraform Resource Meta Arguments](https://developer.hashicorp.com/terraform/language/resources/syntax#meta-arguments)
|
|
94
|
+
* to control lifecycle when replacing the role.
|
|
95
|
+
*
|
|
96
|
+
* See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
|
|
97
|
+
* for more information
|
|
98
|
+
*
|
|
99
|
+
* @default - If omitted, Refer to `roleNamePrefix`.
|
|
100
|
+
*/
|
|
101
|
+
readonly roleName?: string;
|
|
102
|
+
/**
|
|
103
|
+
* Creates a unique name beginning with the specified prefix.
|
|
104
|
+
* Conflicts with `roleName`.
|
|
105
|
+
*
|
|
106
|
+
* IMPORTANT: If you specify a namePrefix, you cannot perform updates that require
|
|
107
|
+
* replacement of this resource. You can perform updates that require no or
|
|
108
|
+
* some interruption. If you must replace the resource, specify a new name.
|
|
109
|
+
*
|
|
110
|
+
* Use [Terraform Resource Meta Arguments](https://developer.hashicorp.com/terraform/language/resources/syntax#meta-arguments)
|
|
111
|
+
* to control lifecycle when replacing the role.
|
|
112
|
+
*
|
|
113
|
+
* See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
|
|
114
|
+
* for more information
|
|
115
|
+
*
|
|
116
|
+
* @default - If omitted, ET will assign a random, unique name prefixed by GridUUID.
|
|
117
|
+
*/
|
|
118
|
+
readonly roleNamePrefix?: string;
|
|
119
|
+
/**
|
|
120
|
+
* The maximum session duration in seconds that you want to set for the specified role.
|
|
121
|
+
* This setting can have a value from 1 hour (3600sec) to 12 (43200sec) hours.
|
|
122
|
+
*
|
|
123
|
+
* Anyone who assumes the role from the AWS CLI or API can use the
|
|
124
|
+
* DurationSeconds API parameter or the duration-seconds CLI parameter to
|
|
125
|
+
* request a longer session. The MaxSessionDuration setting determines the
|
|
126
|
+
* maximum duration that can be requested using the DurationSeconds
|
|
127
|
+
* parameter.
|
|
128
|
+
*
|
|
129
|
+
* If users don't specify a value for the DurationSeconds parameter, their
|
|
130
|
+
* security credentials are valid for one hour by default. This applies when
|
|
131
|
+
* you use the AssumeRole* API operations or the assume-role* CLI operations
|
|
132
|
+
* but does not apply when you use those operations to create a console URL.
|
|
133
|
+
*
|
|
134
|
+
* @link https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html
|
|
135
|
+
*
|
|
136
|
+
* @default Duration.hours(1)
|
|
137
|
+
*/
|
|
138
|
+
readonly maxSessionDuration?: Duration;
|
|
139
|
+
/**
|
|
140
|
+
* A description of the role. It can be up to 1000 characters long.
|
|
141
|
+
*
|
|
142
|
+
* @default - No description.
|
|
143
|
+
*/
|
|
144
|
+
readonly description?: string;
|
|
145
|
+
/**
|
|
146
|
+
* Whether to force detaching any policies the role has before destroying it
|
|
147
|
+
* If policies are attached to the role via the `aws_iam_policy_attachment`
|
|
148
|
+
* resource and you are modifying the role `name` or `path`, this must be
|
|
149
|
+
* set to `true` and applied before attempting the operation otherwise you
|
|
150
|
+
* will encounter a `DeleteConflict` error.
|
|
151
|
+
*
|
|
152
|
+
* The `aws_iam_role_policy_attachment` resource (recommended) does not
|
|
153
|
+
* have this requirement.
|
|
154
|
+
*
|
|
155
|
+
* NOTE: The `iam.Policy` uses `aws_iam_role_policy_attachment` under
|
|
156
|
+
* the hood and this should not be a concern.
|
|
157
|
+
*
|
|
158
|
+
* @default - false
|
|
159
|
+
*/
|
|
160
|
+
readonly forceDetachPolicies?: boolean;
|
|
161
|
+
}
|
|
162
|
+
/**
|
|
163
|
+
* Options allowing customizing the behavior of `Role.fromRoleArn`.
|
|
164
|
+
*/
|
|
165
|
+
export interface FromRoleArnOptions {
|
|
166
|
+
/**
|
|
167
|
+
* Whether the imported role can be modified by attaching policy resources to it.
|
|
168
|
+
*
|
|
169
|
+
* @default true
|
|
170
|
+
*/
|
|
171
|
+
readonly mutable?: boolean;
|
|
172
|
+
/**
|
|
173
|
+
* For immutable roles: add grants to resources instead of dropping them
|
|
174
|
+
*
|
|
175
|
+
* If this is `false` or not specified, grant permissions added to this role are ignored.
|
|
176
|
+
* It is your own responsibility to make sure the role has the required permissions.
|
|
177
|
+
*
|
|
178
|
+
* If this is `true`, any grant permissions will be added to the resource instead.
|
|
179
|
+
*
|
|
180
|
+
* @default false
|
|
181
|
+
*/
|
|
182
|
+
readonly addGrantsToResources?: boolean;
|
|
183
|
+
/**
|
|
184
|
+
* Any policies created by this role will use this value as their ID, if specified.
|
|
185
|
+
* Specify this if importing the same role in multiple stacks, and granting it
|
|
186
|
+
* different permissions in at least two stacks. If this is not specified
|
|
187
|
+
* (or if the same name is specified in more than one stack),
|
|
188
|
+
* a Terraform issue will result in the policy created in whichever stack
|
|
189
|
+
* is deployed last overwriting the policies created by the others.
|
|
190
|
+
*
|
|
191
|
+
* @default 'Policy'
|
|
192
|
+
*/
|
|
193
|
+
readonly defaultPolicyName?: string;
|
|
194
|
+
}
|
|
195
|
+
/**
|
|
196
|
+
* Options allowing customizing the behavior of `Role.fromRoleName`.
|
|
197
|
+
*/
|
|
198
|
+
export interface FromRoleNameOptions extends FromRoleArnOptions {
|
|
199
|
+
}
|
|
200
|
+
/**
|
|
201
|
+
* IAM Role
|
|
202
|
+
*
|
|
203
|
+
* Defines an IAM role. The role is created with an assume policy document associated with
|
|
204
|
+
* the specified AWS service principal defined in `serviceAssumeRole`.
|
|
205
|
+
*/
|
|
206
|
+
export declare class Role extends AwsConstructBase implements IRole {
|
|
207
|
+
/**
|
|
208
|
+
* Import an external role by ARN.
|
|
209
|
+
*
|
|
210
|
+
* If the imported Role ARN is a Token (such as a
|
|
211
|
+
* `CfnParameter.valueAsString` or a `Fn.importValue()`) *and* the referenced
|
|
212
|
+
* role has a `path` (like `arn:...:role/AdminRoles/Alice`), the
|
|
213
|
+
* `roleName` property will not resolve to the correct value. Instead it
|
|
214
|
+
* will resolve to the first path component. We unfortunately cannot express
|
|
215
|
+
* the correct calculation of the full path name as a CloudFormation
|
|
216
|
+
* expression. In this scenario the Role ARN should be supplied without the
|
|
217
|
+
* `path` in order to resolve the correct role resource.
|
|
218
|
+
*
|
|
219
|
+
* @param scope construct scope
|
|
220
|
+
* @param id construct id
|
|
221
|
+
* @param roleArn the ARN of the role to import
|
|
222
|
+
* @param options allow customizing the behavior of the returned role
|
|
223
|
+
*/
|
|
224
|
+
static fromRoleArn(scope: Construct, id: string, roleArn: string, options?: FromRoleArnOptions): IRole;
|
|
225
|
+
/**
|
|
226
|
+
* Return whether the given object is a Role
|
|
227
|
+
*/
|
|
228
|
+
static isRole(x: any): x is Role;
|
|
229
|
+
/**
|
|
230
|
+
* Import an external role by name.
|
|
231
|
+
*
|
|
232
|
+
* The imported role is assumed to exist in the same account as the account
|
|
233
|
+
* the scope's containing Stack is being deployed to.
|
|
234
|
+
|
|
235
|
+
* @param scope construct scope
|
|
236
|
+
* @param id construct id
|
|
237
|
+
* @param roleName the name of the role to import
|
|
238
|
+
* @param options allow customizing the behavior of the returned role
|
|
239
|
+
*/
|
|
240
|
+
static fromRoleName(scope: Construct, id: string, roleName: string, options?: FromRoleNameOptions): IRole;
|
|
241
|
+
readonly grantPrincipal: IPrincipal;
|
|
242
|
+
readonly principalAccount: string | undefined;
|
|
243
|
+
readonly assumeRoleAction: string;
|
|
244
|
+
/**
|
|
245
|
+
* The assume role policy document associated with this role.
|
|
246
|
+
*/
|
|
247
|
+
readonly assumeRolePolicy?: PolicyDocument;
|
|
248
|
+
/**
|
|
249
|
+
* Returns the ARN of this role.
|
|
250
|
+
*/
|
|
251
|
+
readonly roleArn: string;
|
|
252
|
+
/**
|
|
253
|
+
* Returns the name of the role.
|
|
254
|
+
*/
|
|
255
|
+
readonly roleName: string;
|
|
256
|
+
/**
|
|
257
|
+
* Returns the role.
|
|
258
|
+
*/
|
|
259
|
+
readonly policyFragment: PrincipalPolicyFragment;
|
|
260
|
+
/**
|
|
261
|
+
* Returns the permissions boundary attached to this role
|
|
262
|
+
*/
|
|
263
|
+
readonly permissionsBoundary?: IManagedPolicy;
|
|
264
|
+
/** Strongly typed Outputs */
|
|
265
|
+
get roleOutputs(): RoleOutputs;
|
|
266
|
+
get outputs(): Record<string, any>;
|
|
267
|
+
/**
|
|
268
|
+
* Direct access to the underlying Terraform resource.
|
|
269
|
+
*/
|
|
270
|
+
readonly resource: iamRole.IamRole;
|
|
271
|
+
private defaultPolicy?;
|
|
272
|
+
private readonly managedPolicies;
|
|
273
|
+
private readonly attachedPolicies;
|
|
274
|
+
private readonly inlinePolicies;
|
|
275
|
+
private immutableRole?;
|
|
276
|
+
private readonly _roleId;
|
|
277
|
+
constructor(scope: Construct, id: string, props: RoleProps);
|
|
278
|
+
/**
|
|
279
|
+
* Adds a permission to the role's default policy document.
|
|
280
|
+
* If there is no default policy attached to this role, it will be created.
|
|
281
|
+
* @param statement The permission statement to add to the policy document
|
|
282
|
+
*/
|
|
283
|
+
addToPrincipalPolicy(statement: PolicyStatement): AddToPrincipalPolicyResult;
|
|
284
|
+
addToPolicy(statement: PolicyStatement): boolean;
|
|
285
|
+
/**
|
|
286
|
+
* Attaches a managed policy to this role.
|
|
287
|
+
*
|
|
288
|
+
* NOTE: Using this method will force the role to take over
|
|
289
|
+
* exclusive management of the role's ManagedPolicy attachments
|
|
290
|
+
* These arguments are incompatible with other ways of managing
|
|
291
|
+
* a role's such as attaching the policy to the role through its
|
|
292
|
+
* `policy.attachToRole(role)` method.
|
|
293
|
+
*
|
|
294
|
+
* If you attempt to manage a role's policies by multiple means,
|
|
295
|
+
* you will get resource cycling and/or errors.
|
|
296
|
+
*
|
|
297
|
+
* ```typescript
|
|
298
|
+
* const policy1 = new iam.ManagedPolicy(this, 'Policy', {
|
|
299
|
+
* managedPolicyName: 'MyPolicy1',
|
|
300
|
+
* description: 'A description of the policy',
|
|
301
|
+
* });
|
|
302
|
+
* const policy2 = new iam.ManagedPolicy(this, 'Policy', {
|
|
303
|
+
* managedPolicyName: 'MyPolicy2',
|
|
304
|
+
* description: 'A description of the policy',
|
|
305
|
+
* });
|
|
306
|
+
*
|
|
307
|
+
* const role = new iam.Role(this, 'Role', {
|
|
308
|
+
* assumedBy: new iam.ServicePrincipal('sns.amazonaws.com'),
|
|
309
|
+
* });
|
|
310
|
+
* // role becomes the manager of all attached policies
|
|
311
|
+
* role.addManagedPolicy(iam.ManagedPolicy.fromAwsManagedPolicyName('SecurityAudit'));
|
|
312
|
+
* role.addManagedPolicy(policy1);
|
|
313
|
+
*
|
|
314
|
+
* // this introduces resource cycling
|
|
315
|
+
* // DON'T DO THIS
|
|
316
|
+
* policy2.attachToRole(role);
|
|
317
|
+
*
|
|
318
|
+
* // DO THIS INSTEAD
|
|
319
|
+
* role.addManagedPolicy(policy2);
|
|
320
|
+
* ```
|
|
321
|
+
* @param policy The the managed policy to attach.
|
|
322
|
+
*/
|
|
323
|
+
addManagedPolicy(policy: IManagedPolicy): void;
|
|
324
|
+
/**
|
|
325
|
+
* Attaches a policy to this role.
|
|
326
|
+
*
|
|
327
|
+
* NOTE: Using this method will force the role to take over
|
|
328
|
+
* exclusive management of the role's inline Policy attachments
|
|
329
|
+
* These arguments are incompatible with other ways of managing
|
|
330
|
+
* a role's such as attaching a policy to the role.
|
|
331
|
+
* If you attempt to manage a role's policies by multiple means,
|
|
332
|
+
* you will get resource cycling and/or errors.
|
|
333
|
+
*
|
|
334
|
+
* @param policy The policy to attach
|
|
335
|
+
*/
|
|
336
|
+
attachInlinePolicy(policy: Policy): void;
|
|
337
|
+
/**
|
|
338
|
+
* Grant the actions defined in actions to the identity Principal on this resource.
|
|
339
|
+
*/
|
|
340
|
+
grant(grantee: IPrincipal, ...actions: string[]): Grant;
|
|
341
|
+
/**
|
|
342
|
+
* Grant permissions to the given principal to pass this role.
|
|
343
|
+
*/
|
|
344
|
+
grantPassRole(identity: IPrincipal): Grant;
|
|
345
|
+
/**
|
|
346
|
+
* Grant permissions to the given principal to assume this role.
|
|
347
|
+
*/
|
|
348
|
+
grantAssumeRole(identity: IPrincipal): Grant;
|
|
349
|
+
/**
|
|
350
|
+
* Returns the stable and unique string identifying the role. For example,
|
|
351
|
+
* AIDAJQABLZS4A3QDU576Q.
|
|
352
|
+
*
|
|
353
|
+
* @attribute
|
|
354
|
+
*/
|
|
355
|
+
get roleId(): string;
|
|
356
|
+
/**
|
|
357
|
+
* Return a copy of this Role object whose Policies will not be updated
|
|
358
|
+
*
|
|
359
|
+
* Use the object returned by this method if you want this Role to be used by
|
|
360
|
+
* a construct without it automatically updating the Role's Policies.
|
|
361
|
+
*
|
|
362
|
+
* If you do, you are responsible for adding the correct statements to the
|
|
363
|
+
* Role's policies yourself.
|
|
364
|
+
*/
|
|
365
|
+
withoutPolicyUpdates(options?: WithoutPolicyUpdatesOptions): IRole;
|
|
366
|
+
private validateRole;
|
|
367
|
+
}
|
|
368
|
+
/**
|
|
369
|
+
* Outputs which may be registered for output via the Grid.
|
|
370
|
+
*/
|
|
371
|
+
export interface RoleOutputs {
|
|
372
|
+
readonly arn: string;
|
|
373
|
+
readonly name: string;
|
|
374
|
+
}
|
|
375
|
+
/**
|
|
376
|
+
* A Role object
|
|
377
|
+
*/
|
|
378
|
+
export interface IRole extends IIdentity {
|
|
379
|
+
/**
|
|
380
|
+
* strongly typed roleOutputs
|
|
381
|
+
*
|
|
382
|
+
* @attribute
|
|
383
|
+
*/
|
|
384
|
+
readonly roleOutputs: RoleOutputs;
|
|
385
|
+
/**
|
|
386
|
+
* Returns the ARN of this role.
|
|
387
|
+
*
|
|
388
|
+
* @attribute
|
|
389
|
+
*/
|
|
390
|
+
readonly roleArn: string;
|
|
391
|
+
/**
|
|
392
|
+
* Returns the name of this role.
|
|
393
|
+
*
|
|
394
|
+
* @attribute
|
|
395
|
+
*/
|
|
396
|
+
readonly roleName: string;
|
|
397
|
+
/**
|
|
398
|
+
* Grant the actions defined in actions to the identity Principal on this resource.
|
|
399
|
+
*/
|
|
400
|
+
grant(grantee: IPrincipal, ...actions: string[]): Grant;
|
|
401
|
+
/**
|
|
402
|
+
* Grant permissions to the given principal to pass this role.
|
|
403
|
+
*/
|
|
404
|
+
grantPassRole(grantee: IPrincipal): Grant;
|
|
405
|
+
/**
|
|
406
|
+
* Grant permissions to the given principal to assume this role.
|
|
407
|
+
*/
|
|
408
|
+
grantAssumeRole(grantee: IPrincipal): Grant;
|
|
409
|
+
}
|
|
410
|
+
/**
|
|
411
|
+
* Options for the `withoutPolicyUpdates()` modifier of a Role
|
|
412
|
+
*/
|
|
413
|
+
export interface WithoutPolicyUpdatesOptions {
|
|
414
|
+
/**
|
|
415
|
+
* Add grants to resources instead of dropping them
|
|
416
|
+
*
|
|
417
|
+
* If this is `false` or not specified, grant permissions added to this role are ignored.
|
|
418
|
+
* It is your own responsibility to make sure the role has the required permissions.
|
|
419
|
+
*
|
|
420
|
+
* If this is `true`, any grant permissions will be added to the resource instead.
|
|
421
|
+
*
|
|
422
|
+
* @default false
|
|
423
|
+
*/
|
|
424
|
+
readonly addGrantsToResources?: boolean;
|
|
425
|
+
}
|