agent-claw: automated task changes

2026-05-06 18:55:16 -05:00
parent 38905bb1e9
commit 732b00fb66
8494 changed files with 2018127 additions and 4 deletions
--- a/cdk/node_modules/aws-cdk-lib/aws-s3/lib/bucket-grants.d.ts
+++ b/cdk/node_modules/aws-cdk-lib/aws-s3/lib/bucket-grants.d.ts
@@ -0,0 +1,139 @@
+import type { GrantReplicationPermissionProps } from './bucket';
+import type { IBucketRef } from './s3.generated';
+import type { IGrantable } from '../../aws-iam';
+import { Grant } from '../../aws-iam';
+import type * as iam from '../../aws-iam/lib/grant';
+/**
+ * Collection of grant methods for a Bucket
+ */
+export declare class BucketGrants {
+    private readonly bucket;
+    private readonly encryptedResource?;
+    private readonly policyResource?;
+    /**
+     * Creates grants for an IBucketRef
+     */
+    static fromBucket(bucket: IBucketRef): BucketGrants;
+    private constructor();
+    /**
+     * Grant read permissions for this bucket and its contents to an IAM
+     * principal (Role/Group/User).
+     *
+     * If encryption is used, permission to use the key to decrypt the contents
+     * of the bucket will also be granted to the same principal.
+     *
+     * @param identity The principal
+     * @param objectsKeyPattern Restrict the permission to a certain key pattern (default '*'). Parameter type is `any` but `string` should be passed in.
+     */
+    read(identity: IGrantable, objectsKeyPattern?: any): Grant;
+    /**
+     * Grant write permissions for this bucket and its contents to an IAM
+     * principal (Role/Group/User).
+     *
+     * If encryption is used, permission to use the key to decrypt the contents
+     * of the bucket will also be granted to the same principal.
+     *
+     * @param identity The principal
+     * @param objectsKeyPattern Restrict the permission to a certain key pattern (default '*'). Parameter type is `any` but `string` should be passed in.
+     */
+    write(identity: IGrantable, objectsKeyPattern?: any, allowedActionPatterns?: string[]): Grant;
+    /**
+     * Grants s3:DeleteObject* permission to an IAM principal for objects
+     * in this bucket.
+     *
+     * @param grantee The principal
+     * @param objectsKeyPattern Restrict the permission to a certain key pattern (default '*'). Parameter type is `any` but `string` should be passed in.
+     */
+    delete(grantee: IGrantable, objectsKeyPattern?: any): Grant;
+    /**
+     * Allows unrestricted access to objects from this bucket.
+     *
+     * IMPORTANT: This permission allows anyone to perform actions on S3 objects
+     * in this bucket, which is useful for when you configure your bucket as a
+     * website and want everyone to be able to read objects in the bucket without
+     * needing to authenticate.
+     *
+     * Without arguments, this method will grant read ("s3:GetObject") access to
+     * all objects ("*") in the bucket.
+     *
+     * The method returns the `iam.Grant` object, which can then be modified
+     * as needed. For example, you can add a condition that will restrict access only
+     * to an IPv4 range like this:
+     *
+     *     const grant = bucket.grantPublicAccess();
+     *     grant.resourceStatement!.addCondition(‘IpAddress’, { “aws:SourceIp”: “54.240.143.0/24” });
+     *
+     * Note that if this `IBucket` refers to an existing bucket, possibly not
+     * managed by CloudFormation, this method will have no effect, since it's
+     * impossible to modify the policy of an existing bucket.
+     *
+     * @param keyPrefix the prefix of S3 object keys (e.g. `home/*`). Default is "*".
+     * @param allowedActions the set of S3 actions to allow. Default is "s3:GetObject".
+     */
+    publicAccess(keyPrefix?: string, ...allowedActions: string[]): Grant;
+    /**
+     * Grants s3:PutObject* and s3:Abort* permissions for this bucket to an IAM principal.
+     *
+     * If encryption is used, permission to use the key to encrypt the contents
+     * of written files will also be granted to the same principal.
+     * @param identity The principal
+     * @param objectsKeyPattern Restrict the permission to a certain key pattern (default '*'). Parameter type is `any` but `string` should be passed in.
+     */
+    put(identity: IGrantable, objectsKeyPattern?: any): Grant;
+    /**
+     * Grants s3:PutObjectAcl and s3:PutObjectVersionAcl permissions for this bucket to an IAM principal.
+     *
+     * If encryption is used, permission to use the key to encrypt the contents
+     * of written files will also be granted to the same principal.
+     * @param identity The principal
+     * @param objectsKeyPattern Restrict the permission to a certain key pattern (default '*'). Parameter type is `any` but `string` should be passed in.
+     */
+    putAcl(identity: IGrantable, objectsKeyPattern?: string): Grant;
+    /**
+     * Grants the given actions on the bucket's objects to the given principal.
+     *
+     * KMS actions (prefixed with `kms:`) are automatically separated and granted on the encryption key.
+     *
+     * @param identity The principal to grant permissions to.
+     * @param objectsKeyPattern Restrict the permission to a certain key pattern (default '*').
+     * @param actions The S3 and/or KMS actions to grant.
+     */
+    actionsOnObjectKeys(identity: IGrantable, objectsKeyPattern?: string, ...actions: string[]): Grant;
+    /**
+     * Grants the given actions on both the bucket and the bucket's objects to the given principal.
+     *
+     * KMS actions (prefixed with `kms:`) are automatically separated and granted on the encryption key.
+     *
+     * @param identity The principal to grant permissions to.
+     * @param objectsKeyPattern Restrict the permission to a certain key pattern (default '*').
+     * @param actions The S3 and/or KMS actions to grant.
+     */
+    actionsOnBucketAndObjectKeys(identity: IGrantable, objectsKeyPattern?: string, ...actions: string[]): Grant;
+    /**
+     * Grant read and write permissions for this bucket and its contents to an IAM
+     * principal (Role/Group/User).
+     *
+     * If encryption is used, permission to use the key to decrypt the contents
+     * of the bucket will also be granted to the same principal.
+     *
+     * @param identity The principal
+     * @param objectsKeyPattern Restrict the permission to a certain key pattern (default '*'). Parameter type is `any` but `string` should be passed in.
+     */
+    readWrite(identity: IGrantable, objectsKeyPattern?: any): Grant;
+    private get putActions();
+    private get writeActions();
+    /**
+     * Grant replication permission to a principal.
+     * This method allows the principal to perform replication operations on this bucket.
+     *
+     * Note that when calling this function for source or destination buckets that support KMS encryption,
+     * you need to specify the KMS key for encryption and the KMS key for decryption, respectively.
+     *
+     * @param identity The principal to grant replication permission to.
+     * @param props The properties of the replication source and destination buckets.
+     */
+    replicationPermission(identity: IGrantable, props: GrantReplicationPermissionProps): iam.Grant;
+    private grantActions;
+    private grant;
+    private arnForObjects;
+}