import { AccessLevelList } from '../../shared/access-level'; import { PolicyStatement } from '../../shared'; import { aws_iam as iam } from "aws-cdk-lib"; /** * Statement provider for service [trustedadvisor](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awstrustedadvisor.html). * * @param sid [SID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_sid.html) of the statement */ export declare class Trustedadvisor extends PolicyStatement { servicePrefix: string; /** * Grants permission to update one or more exclusion status for a list of recommendation resources * * Access Level: Write * * https://docs.aws.amazon.com/awssupport/latest/user/get-started-with-aws-trusted-advisor-api.html */ toBatchUpdateRecommendationResourceExclusion(): this; /** * Grants permission to the organization management account to delete email notification preferences from a delegated administrator account for Trusted Advisor Priority * * Access Level: Write * * https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations */ toDeleteNotificationConfigurationForDelegatedAdmin(): this; /** * Grants permission to view the AWS Support plan and various AWS Trusted Advisor preferences * * Access Level: Read * * https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations */ toDescribeAccount(): this; /** * Grants permission to view if the AWS account has enabled or disabled AWS Trusted Advisor * * Access Level: Read * * https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations */ toDescribeAccountAccess(): this; /** * Grants permission to view details for the check items * * Access Level: Read * * https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations */ toDescribeCheckItems(): this; /** * Grants permission to view the refresh statuses for AWS Trusted Advisor checks * * Access Level: Read * * https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations */ toDescribeCheckRefreshStatuses(): this; /** * Grants permission to view the results and changed statuses for checks in the last 30 days * * Access Level: Read * * https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations */ toDescribeCheckStatusHistoryChanges(): this; /** * Grants permission to view AWS Trusted Advisor check summaries * * Access Level: Read * * https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations */ toDescribeCheckSummaries(): this; /** * Grants permission to view details for AWS Trusted Advisor checks * * Access Level: Read * * https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations */ toDescribeChecks(): this; /** * Grants permission to get your email notification preferences for Trusted Advisor Priority * * Access Level: Read * * https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations */ toDescribeNotificationConfigurations(): this; /** * Grants permission to view the notification preferences for the AWS account * * Access Level: Read * * https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations */ toDescribeNotificationPreferences(): this; /** * Grants permission to view if the AWS account meets the requirements to enable the organizational view feature * * Access Level: Read * * https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations */ toDescribeOrganization(): this; /** * Grants permission to view the linked AWS accounts that are in the organization * * Access Level: Read * * https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations */ toDescribeOrganizationAccounts(): this; /** * Grants permission to view details for organizational view reports, such as the report name, runtime, date created, status, and format * * Access Level: Read * * https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations */ toDescribeReports(): this; /** * Grants permission to view risk details in AWS Trusted Advisor Priority * * Access Level: Read * * https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations */ toDescribeRisk(): this; /** * Grants permission to view affected resources for a risk in AWS Trusted Advisor Priority * * Access Level: Read * * https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations */ toDescribeRiskResources(): this; /** * Grants permission to view risks in AWS Trusted Advisor Priority * * Access Level: Read * * https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations */ toDescribeRisks(): this; /** * Grants permission to view information about organizational view reports, such as the AWS Regions, check categories, check names, and resource statuses * * Access Level: Read * * https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations */ toDescribeServiceMetadata(): this; /** * Grants permission to download a file that contains details about the risk in AWS Trusted Advisor Priority * * Access Level: Read * * https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations */ toDownloadRisk(): this; /** * Grants permission to exclude recommendations for AWS Trusted Advisor checks * * Access Level: Write * * https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations */ toExcludeCheckItems(): this; /** * Grants permission to create a report for AWS Trusted Advisor checks in your organization * * Access Level: Write * * https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations */ toGenerateReport(): this; /** * Grants permission to get a specific recommendation within an AWS Organization's organization. This API supports only prioritized recommendations * * Access Level: Read * * https://docs.aws.amazon.com/awssupport/latest/user/get-started-with-aws-trusted-advisor-api.html */ toGetOrganizationRecommendation(): this; /** * Grants permission to get a specific Recommendation * * Access Level: Read * * https://docs.aws.amazon.com/awssupport/latest/user/get-started-with-aws-trusted-advisor-api.html */ toGetRecommendation(): this; /** * Grants permission to include recommendations for AWS Trusted Advisor checks * * Access Level: Write * * https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations */ toIncludeCheckItems(): this; /** * Grants permission to view, in the Trusted Advisor console, all of the accounts in an AWS organization that are contained by a root or organizational unit (OU) * * Access Level: Read * * https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations */ toListAccountsForParent(): this; /** * Grants permission to list a filterable set of Checks * * Access Level: List * * https://docs.aws.amazon.com/awssupport/latest/user/get-started-with-aws-trusted-advisor-api.html */ toListChecks(): this; /** * Grants permission to list the accounts that own the resources for an AWS Organization aggregate recommendation. This API only supports prioritized recommendations * * Access Level: List * * https://docs.aws.amazon.com/awssupport/latest/user/get-started-with-aws-trusted-advisor-api.html */ toListOrganizationRecommendationAccounts(): this; /** * Grants permission to list Resources of a Recommendation within an AWS Organization. This API only supports prioritized recommendations * * Access Level: List * * https://docs.aws.amazon.com/awssupport/latest/user/get-started-with-aws-trusted-advisor-api.html */ toListOrganizationRecommendationResources(): this; /** * Grants permission to list a filterable set of Recommendations within an AWS Organization. This API only supports prioritized recommendations * * Access Level: List * * https://docs.aws.amazon.com/awssupport/latest/user/get-started-with-aws-trusted-advisor-api.html */ toListOrganizationRecommendations(): this; /** * Grants permission to view, in the Trusted Advisor console, all of the organizational units (OUs) in a parent organizational unit or root * * Access Level: Read * * https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations */ toListOrganizationalUnitsForParent(): this; /** * Grants permission to list Resources of a Recommendation * * Access Level: List * * https://docs.aws.amazon.com/awssupport/latest/user/get-started-with-aws-trusted-advisor-api.html */ toListRecommendationResources(): this; /** * Grants permission to list a filterable set of Recommendations * * Access Level: List * * https://docs.aws.amazon.com/awssupport/latest/user/get-started-with-aws-trusted-advisor-api.html */ toListRecommendations(): this; /** * Grants permission to view, in the Trusted Advisor console, all of the roots that are defined in an AWS organization * * Access Level: Read * * https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations */ toListRoots(): this; /** * Grants permission to refresh an AWS Trusted Advisor check * * Access Level: Write * * https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations */ toRefreshCheck(): this; /** * Grants permission to enable or disable AWS Trusted Advisor for the account * * Access Level: Write * * https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations */ toSetAccountAccess(): this; /** * Grants permission to enable the organizational view feature for AWS Trusted Advisor * * Access Level: Write * * https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations */ toSetOrganizationAccess(): this; /** * Grants permission to create or update your email notification preferences for Trusted Advisor Priority * * Access Level: Write * * https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations */ toUpdateNotificationConfigurations(): this; /** * Grants permission to update notification preferences for AWS Trusted Advisor * * Access Level: Write * * https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations */ toUpdateNotificationPreferences(): this; /** * Grants permission to update the lifecyle of a Recommendation within an AWS Organization. This API only supports prioritized recommendations * * Access Level: Write * * https://docs.aws.amazon.com/awssupport/latest/user/get-started-with-aws-trusted-advisor-api.html */ toUpdateOrganizationRecommendationLifecycle(): this; /** * Grants permission to update the lifecyle of a Recommendation. This API only supports prioritized recommendations * * Access Level: Write * * https://docs.aws.amazon.com/awssupport/latest/user/get-started-with-aws-trusted-advisor-api.html */ toUpdateRecommendationLifecycle(): this; /** * Grants permission to update the risk status in AWS Trusted Advisor Priority * * Access Level: Write * * https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations */ toUpdateRiskStatus(): this; protected accessLevelList: AccessLevelList; /** * Adds a resource of type checks to the statement * * https://docs.aws.amazon.com/awssupport/latest/APIReference/API_TrustedAdvisorCheckDescription.html * * @param categoryCode - Identifier for the categoryCode. * @param checkId - Identifier for the checkId. * @param account - Account of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's account. * @param region - Region of the resource; defaults to `*`, unless using the CDK, where the default is the current Stack's region. * @param partition - Partition of the AWS account [aws, aws-cn, aws-us-gov]; defaults to `aws`, unless using the CDK, where the default is the current Stack's partition. */ onChecks(categoryCode: string, checkId: string, account?: string, region?: string, partition?: string): this; /** * Statement provider for service [trustedadvisor](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awstrustedadvisor.html). * */ constructor(props?: iam.PolicyStatementProps); }