Adds latest IAM updates from AWS

CHANGELOG/v0.680.0.md

@@ -0,0 +1,17 @@
+**New services:**
+
+- gameliftstreams
+
+**New actions:**
+
+- rum:DeleteResourcePolicy
+- rum:GetResourcePolicy
+- rum:PutResourcePolicy
+- sso-directory:IsMemberInGroups
+- workspaces:ModifyEndpointEncryptionMode
+
+**New condition keys:**
+
+- bedrock:GuardrailIdentifier
+- connect:Channel
+- connect:ContactAssociationId

README.md

@@ -16,10 +16,10 @@
 <!-- stats -->
 Support for:
 
-- 418 Services
-- 18369 Actions
-- 1970 Resource Types
-- 1923 Condition keys
+- 419 Services
+- 18398 Actions
+- 1972 Resource Types
+- 1929 Condition keys
 <!-- /stats -->
 
 ![EXPERIMENTAL](https://img.shields.io/badge/stability-experimantal-orange?style=for-the-badge)**<br>This is an early version of the package. The API will change while I implement new features. Therefore make sure you use an exact version in your `package.json` before it reaches 1.0.0.**

VERSION

@@ -1 +1 @@
-0.679.0
+0.680.0

docs/source/conf.py

@@ -24,7 +24,7 @@
 author = 'Daniel Schroeder'
 
 # The full version, including alpha/beta/rc tags
-release = '0.679.0'
+release = '0.680.0'
 
 # -- General configuration ---------------------------------------------------
 

docs/source/index.rst

@@ -30,10 +30,10 @@ AWS IAM policy statement generator with fluent interface.
 
 Support for:
 
-- 418 Services
-- 18369 Actions
-- 1970 Resource Types
-- 1923 Condition keys
+- 419 Services
+- 18398 Actions
+- 1972 Resource Types
+- 1929 Condition keys
 
 ..
    /stats

lib/generated/index.ts

@@ -76,6 +76,7 @@ export { Frauddetector } from './policy-statements/frauddetector';
 export { Freertos } from './policy-statements/freertos';
 export { Fsx } from './policy-statements/fsx';
 export { Gamelift } from './policy-statements/gamelift';
+export { Gameliftstreams } from './policy-statements/gameliftstreams';
 export { Groundtruthlabeling } from './policy-statements/groundtruthlabeling';
 export { Guardduty } from './policy-statements/guardduty';
 export { Honeycode } from './policy-statements/honeycode';

lib/generated/policy-statements/bedrock.ts

@@ -1316,6 +1316,7 @@ export class Bedrock extends PolicyStatement {
    * - .ifPromptRouterArn()
    * - .ifAwsRequestTag()
    * - .ifAwsTagKeys()
+   * - .ifGuardrailIdentifier()
    *
    * https://docs.aws.amazon.com/bedrock/latest/APIReference/API_runtime_InvokeModel.html
    */
@@ -1331,6 +1332,7 @@ export class Bedrock extends PolicyStatement {
    * Possible conditions:
    * - .ifInferenceProfileArn()
    * - .ifPromptRouterArn()
+   * - .ifGuardrailIdentifier()
    *
    * https://docs.aws.amazon.com/bedrock/latest/APIReference/API_runtime_InvokeModelWithResponseStream.html
    */
@@ -2905,6 +2907,22 @@ export class Bedrock extends PolicyStatement {
     return this.if(`aws:TagKeys`, value, operator ?? 'StringLike');
   }
 
+  /**
+   * Filters access by the GuardrailIdentifier containing the GuardrailArn or the GuardrailArn:NumericVersion
+   *
+   * https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonbedrock.html#amazonbedrock-policy-keys
+   *
+   * Applies to actions:
+   * - .toInvokeModel()
+   * - .toInvokeModelWithResponseStream()
+   *
+   * @param value The value(s) to check
+   * @param operator Works with [arn operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_ARN). **Default:** `ArnLike`
+   */
+  public ifGuardrailIdentifier(value: string | string[], operator?: Operator | string) {
+    return this.if(`GuardrailIdentifier`, value, operator ?? 'ArnLike');
+  }
+
   /**
    * Filters access by the specified inference profile
    *

lib/generated/policy-statements/cloudwatchrum.ts

@@ -81,6 +81,17 @@ export class Rum extends PolicyStatement {
     return this.to('DeleteAppMonitor');
   }
 
+  /**
+   * Grants permission to delete a resource policy attached to an app monitor
+   *
+   * Access Level: Write
+   *
+   * https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_DeleteResourcePolicy.html
+   */
+  public toDeleteResourcePolicy() {
+    return this.to('DeleteResourcePolicy');
+  }
+
   /**
    * Grants permission to delete rum metrics destinations
    *
@@ -114,6 +125,17 @@ export class Rum extends PolicyStatement {
     return this.to('GetAppMonitorData');
   }
 
+  /**
+   * Grants permission to retrieve a resource policy attached to an app monitor
+   *
+   * Access Level: Read
+   *
+   * https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_GetResourcePolicy.html
+   */
+  public toGetResourcePolicy() {
+    return this.to('GetResourcePolicy');
+  }
+
   /**
    * Grants permission to list appMonitors metadata
    *
@@ -147,6 +169,17 @@ export class Rum extends PolicyStatement {
     return this.to('ListTagsForResource');
   }
 
+  /**
+   * Grants permission to attach a resource policy to an app monitor
+   *
+   * Access Level: Write
+   *
+   * https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_PutResourcePolicy.html
+   */
+  public toPutResourcePolicy() {
+    return this.to('PutResourcePolicy');
+  }
+
   /**
    * Grants permission to put RUM events for appmonitor
    *
@@ -230,7 +263,9 @@ export class Rum extends PolicyStatement {
       'BatchDeleteRumMetricDefinitions',
       'CreateAppMonitor',
       'DeleteAppMonitor',
+      'DeleteResourcePolicy',
       'DeleteRumMetricsDestination',
+      'PutResourcePolicy',
       'PutRumEvents',
       'PutRumMetricsDestination',
       'UpdateAppMonitor',
@@ -240,6 +275,7 @@ export class Rum extends PolicyStatement {
       'BatchGetRumMetricDefinitions',
       'GetAppMonitor',
       'GetAppMonitorData',
+      'GetResourcePolicy',
       'ListRumMetricsDestinations',
       'ListTagsForResource'
     ],